Advanced interest flooding attacks in named-data networking

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Standard

Advanced interest flooding attacks in named-data networking. / Signorello, S.; Marchal, S.; François, J.; Festor, O.; State, R.

2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). IEEE, 2017.

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Harvard

Signorello, S, Marchal, S, François, J, Festor, O & State, R 2017, Advanced interest flooding attacks in named-data networking. in 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). IEEE, International Symposium on Network Computing and Applications, Cambridge, United States, 30/10/2017. https://doi.org/10.1109/NCA.2017.8171325

APA

Signorello, S., Marchal, S., François, J., Festor, O., & State, R. (2017). Advanced interest flooding attacks in named-data networking. In 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA) IEEE. https://doi.org/10.1109/NCA.2017.8171325

Vancouver

Signorello S, Marchal S, François J, Festor O, State R. Advanced interest flooding attacks in named-data networking. In 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). IEEE. 2017 https://doi.org/10.1109/NCA.2017.8171325

Author

Signorello, S. ; Marchal, S. ; François, J. ; Festor, O. ; State, R. / Advanced interest flooding attacks in named-data networking. 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). IEEE, 2017.

Bibtex - Download

@inproceedings{934c2ce3524146e185cc73affb65e2e3,
title = "Advanced interest flooding attacks in named-data networking",
abstract = "The Named-Data Networking (NDN) has emerged as a clean-slate Internet proposal on the wave of Information-Centric Networking. Although the NDN's data-plane seems to offer many advantages, e.g., native support for multicast communications and flow balance, it also makes the network infrastructure vulnerable to a specific DDoS attack, the Interest Flooding Attack (IFA). In IFAs, a botnet issuing unsatisfiable content requests can be set up effortlessly to exhaust routers' resources and cause a severe performance drop to legitimate users. So far several countermeasures have addressed this security threat, however, their efficacy was proved by means of simplistic assumptions on the attack model. Therefore, we propose a more complete attack model and design an advanced IFA. We show the efficiency of our novel attack scheme by extensively assessing some of the state-of-the-art countermeasures. Further, we release the software to perform this attack as open source tool to help design future more robust defense mechanisms.",
keywords = "Internet, computer crime, computer network security, multicast communication, security of data, telecommunication security, Information-Centric Networking, Interest Flooding Attack, advanced IFA, advanced interest flooding attacks, clean-slate Internet proposal, complete attack model, data-plane, multicast communications, named-data networking, network infrastructure, specific DDoS attack, unsatisfiable content requests, Computer architecture, Electronic mail, Monitoring, Robustness, Routing protocols",
author = "S. Signorello and S. Marchal and J. Fran{\cc}ois and O. Festor and R. State",
year = "2017",
month = "11",
day = "1",
doi = "10.1109/NCA.2017.8171325",
language = "English",
isbn = "978-1-5386-1466-2",
booktitle = "2017 IEEE 16th International Symposium on Network Computing and Applications (NCA)",
publisher = "IEEE",

}

RIS - Download

TY - GEN

T1 - Advanced interest flooding attacks in named-data networking

AU - Signorello, S.

AU - Marchal, S.

AU - François, J.

AU - Festor, O.

AU - State, R.

PY - 2017/11/1

Y1 - 2017/11/1

N2 - The Named-Data Networking (NDN) has emerged as a clean-slate Internet proposal on the wave of Information-Centric Networking. Although the NDN's data-plane seems to offer many advantages, e.g., native support for multicast communications and flow balance, it also makes the network infrastructure vulnerable to a specific DDoS attack, the Interest Flooding Attack (IFA). In IFAs, a botnet issuing unsatisfiable content requests can be set up effortlessly to exhaust routers' resources and cause a severe performance drop to legitimate users. So far several countermeasures have addressed this security threat, however, their efficacy was proved by means of simplistic assumptions on the attack model. Therefore, we propose a more complete attack model and design an advanced IFA. We show the efficiency of our novel attack scheme by extensively assessing some of the state-of-the-art countermeasures. Further, we release the software to perform this attack as open source tool to help design future more robust defense mechanisms.

AB - The Named-Data Networking (NDN) has emerged as a clean-slate Internet proposal on the wave of Information-Centric Networking. Although the NDN's data-plane seems to offer many advantages, e.g., native support for multicast communications and flow balance, it also makes the network infrastructure vulnerable to a specific DDoS attack, the Interest Flooding Attack (IFA). In IFAs, a botnet issuing unsatisfiable content requests can be set up effortlessly to exhaust routers' resources and cause a severe performance drop to legitimate users. So far several countermeasures have addressed this security threat, however, their efficacy was proved by means of simplistic assumptions on the attack model. Therefore, we propose a more complete attack model and design an advanced IFA. We show the efficiency of our novel attack scheme by extensively assessing some of the state-of-the-art countermeasures. Further, we release the software to perform this attack as open source tool to help design future more robust defense mechanisms.

KW - Internet

KW - computer crime

KW - computer network security

KW - multicast communication

KW - security of data

KW - telecommunication security

KW - Information-Centric Networking

KW - Interest Flooding Attack

KW - advanced IFA

KW - advanced interest flooding attacks

KW - clean-slate Internet proposal

KW - complete attack model

KW - data-plane

KW - multicast communications

KW - named-data networking

KW - network infrastructure

KW - specific DDoS attack

KW - unsatisfiable content requests

KW - Computer architecture

KW - Electronic mail

KW - Monitoring

KW - Robustness

KW - Routing protocols

U2 - 10.1109/NCA.2017.8171325

DO - 10.1109/NCA.2017.8171325

M3 - Conference contribution

SN - 978-1-5386-1466-2

BT - 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA)

PB - IEEE

ER -

ID: 18144708