Abstract
Named Data Networking (NDN) is a promising inter-networking paradigm that focus on content rather than hosts and their physical locations. In NDN Consumers issue Interests for Contents. Producers generate a content in response to each received interest and such content is routed back to the requesting consumer. When compared to IP, NDN brings advantages such as better throughput and lower latency, because routers are able to cache popular contents and satisfy interests for such contents locally. However, before being considered a viable approach, NDN should offer security services that are ideally better, but at least equivalent to current mechanisms in IP.In this regard, mechanisms to prevent DDoS are of paramount importance. In this work we propose FROG: a simple yet effective Interest Flooding Attack (IFA) detection and mitigation method. FROG runs on routers that are directly connected to NDN consumers and monitors packet hop counts. It then calculates mean and variance using stored hop counts to distinguish attackers from legitimate users. We use the NDN simulator ndnSIM to evaluate FROG's effectiveness. Our results show that FROG improves resilience against DDoS attacks. In particular, during an attack, legitimate users can still receive 75% of requested contents. Without FROG this number decreases to 50%.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
