A Method for Joint Detection of Attacks in Named Data Networking

被引：0

作者：

Wu Z. ^{[1
]}

Zhang R. ^{[1
]}

Yue M. ^{[1
]}

机构：

[1] College of Electronic Information and Automation, Civil Aviation University of China, Tianjin

来源：

| 1600年 / Science Press卷 / 58期

基金：

中国国家自然科学基金;

关键词：

Association rules; Conspiracy interest flooding attack (CIFA); Decision tree; Interest flooding attack (IFA); Named data networking (NDN);

D O I：

10.7544/issn1000-1239.2021.20200448

中图分类号：

学科分类号：

摘要：

The interest flooding attack (IFA) and conspiracy interest flooding attack (CIFA) are typical security threats faced by the named data networking (NDN). Aiming at the problem that existing detection methods cannot effectively identify the attack types due to single detection features and the detection rate is not high enough, this paper proposes a method based on association rule algorithm and decision tree algorithm to detect attacks in NDN. First of all, by extracting the data information in the content cache (CS) of NDN routing node, the new detection feature "CS packet growth rate" in CS is mined. It is found in the experiment that "cache growth rate" is a favorable basis for distinguishing attack types. Secondly, association rule algorithm is used to combine the new detection feature with multiple detection features in pending interest table (PIT) to find the correlation between each feature. After preprocessing the output results of multiple association rules, they are used as input into the decision tree as a training set. Finally, the detection model generated by the decision tree algorithm is used to detect the attack. This method uses decision tree algorithm and association rule algorithm to jointly detect attacks in NDN, which not only avoids misjudgment caused by single detection features, but also enriches the classification attributes of decision trees. The simulation results show that this method can accurately distinguish and detect IFA and CIFA and improve the detection rate. © 2021, Science Press. All right reserved.

引用

页码：569 / 582

页数：13

共 24 条

[1] Zhang Lixia, Afanasyev A, Burke J, Et al., Named data networking, Computer Communication Review, 44, 3, pp. 66-73, (2014)
[2] Wu Chao, Zhang Yaoxue, Zhou Yuezhi, Et al., A survey for the development of information-centric networking, Chinese Journal of Computers, 38, 3, pp. 455-471, (2015)
[3] Sun Yanbin, Zang Yu, Zhang Hongli, Survey of research on information-centric networking architecture, Acta Electronica Sinica, 44, 8, pp. 2009-2017, (2016)
[4] Abdallah E, Hassanein H, Zulkernine M., A survey of security attacks in information-centric networking, Communications Surveys & Tutorials, 17, 3, pp. 1441-1454, (2015)
[5] Rani P V, Ravi N, Shalinic S M, Et al., Detecting and assuaging against interest flooding attack using statistical hypothesis testing in next generation ICN, Proc of the 2018 Int Conf on Computer, Communication, and Signal Processing, pp. 1-5, (2018)
[6] Wu Zhijun, Liu Liang, Yue Meng, Detection method of LDoS attacks based on combination of ANN & KPCA, Journal on Communications, 39, 5, pp. 11-22, (2018)
[7] Dai Huichen, Wang Yi, Fan Jindou, Et al., Mitigate DDoS attacks in NDN by Interest Traceback, Proc of the 2013 IEEE Conf on Computer Communications Workshops, pp. 381-386, (2013)
[8] Compagno A, Conti M, Gasti P, Et al., Poseidon: Mitigating interest flooding DDoS attacks in named data networking, Proc of the 38th Annual IEEE Conf on Local Computer Networks, pp. 630-638, (2013)
[9] Xin Yonghui, Li Yang, Wang Wei, Et al., A novel interest flooding attacks detection and countermeasure scheme in NDN, Proc of the 2016 IEEE Global Communications Conf (GLOBECOM), pp. 1-7, (2016)
[10] Salah H, Wulfheide J, Strufe T., Lightweight coordinated defence against interest flooding attacks in NDN, Proc of the IEEE Conf on Computer Communications Workshops (INFOCOM WKSHPS), pp. 103-104, (2015)

← 1 2 3 →