Abstract | ||
---|---|---|
Named data networking (NDN) has attracted much attention on the design for next generation Internet architecture. Although it embeds some security primitives in its original architecture, it may suffer from denial-of-service (DoS) attacks. In this paper, we model one representative type of NDN-specific DoS attacks named DoS against pending interest table (PIT), or DoS-PIT, which floods malicious Interests that request nonexistent content to bypass cached content at routers and to exhaust the memory resource for PIT, bringing in severe service degradation. In our proposed analytical model, the closed-form expressions for the DoS probability for users suffering DoS-PIT are derived, while considering several important factors of NDN networks such as PIT size, time-to-live of each PIT entry, popularity of content, and cache size. Moreover, extensive simulation experiments demonstrate the accuracy of the proposed model on evaluating the damage effect of DoS-PIT. In addition, the proposed model can be chosen to guide designing effective countermeasures for DoS-PIT (or attacks with similar way to harm NDN) by properly setting the values of some parameters (e.g., cache size) of each NDN router. Copyright (c) 2013 John Wiley & Sons, Ltd. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1002/dac.2618 | INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS |
Keywords | Field | DocType |
modeling, DoS attack, pending interest table, named data networking | Architecture,Expression (mathematics),Denial-of-service attack,Cache,Computer science,CPU cache,Computer security,Content based networking,Popularity,Computer network,Router | Journal |
Volume | Issue | ISSN |
27 | 12 | 1074-5351 |
Citations | PageRank | References |
13 | 0.72 | 15 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Kai Wang | 1 | 72 | 8.46 |
Jia Chen | 2 | 63 | 7.32 |
Huachun Zhou | 3 | 370 | 54.39 |
Yajuan Qin | 4 | 187 | 21.81 |
Hongke Zhang | 5 | 1637 | 142.17 |