Advanced interest flooding attacks in named-data networking

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Researchers

Research units

  • University of Luxembourg
  • Inria Nancy - Grand Est
  • Telecom Nancy

Abstract

The Named-Data Networking (NDN) has emerged as a clean-slate Internet proposal on the wave of Information-Centric Networking. Although the NDN's data-plane seems to offer many advantages, e.g., native support for multicast communications and flow balance, it also makes the network infrastructure vulnerable to a specific DDoS attack, the Interest Flooding Attack (IFA). In IFAs, a botnet issuing unsatisfiable content requests can be set up effortlessly to exhaust routers' resources and cause a severe performance drop to legitimate users. So far several countermeasures have addressed this security threat, however, their efficacy was proved by means of simplistic assumptions on the attack model. Therefore, we propose a more complete attack model and design an advanced IFA. We show the efficiency of our novel attack scheme by extensively assessing some of the state-of-the-art countermeasures. Further, we release the software to perform this attack as open source tool to help design future more robust defense mechanisms.

Details

Original languageEnglish
Title of host publication2017 IEEE 16th International Symposium on Network Computing and Applications (NCA)
Publication statusPublished - 1 Nov 2017
MoE publication typeA4 Article in a conference publication
EventInternational Symposium on Network Computing and Applications - Cambridge, United States
Duration: 30 Oct 20171 Nov 2017
Conference number: 16

Conference

ConferenceInternational Symposium on Network Computing and Applications
Abbreviated titleNCA
CountryUnited States
CityCambridge
Period30/10/201701/11/2017

    Research areas

  • Internet, computer crime, computer network security, multicast communication, security of data, telecommunication security, Information-Centric Networking, Interest Flooding Attack, advanced IFA, advanced interest flooding attacks, clean-slate Internet proposal, complete attack model, data-plane, multicast communications, named-data networking, network infrastructure, specific DDoS attack, unsatisfiable content requests, Computer architecture, Electronic mail, Monitoring, Robustness, Routing protocols

ID: 18144708