Title
Modeling Denial-Of-Service Against Pending Interest Table In Named Data Networking
Abstract
Named data networking (NDN) has attracted much attention on the design for next generation Internet architecture. Although it embeds some security primitives in its original architecture, it may suffer from denial-of-service (DoS) attacks. In this paper, we model one representative type of NDN-specific DoS attacks named DoS against pending interest table (PIT), or DoS-PIT, which floods malicious Interests that request nonexistent content to bypass cached content at routers and to exhaust the memory resource for PIT, bringing in severe service degradation. In our proposed analytical model, the closed-form expressions for the DoS probability for users suffering DoS-PIT are derived, while considering several important factors of NDN networks such as PIT size, time-to-live of each PIT entry, popularity of content, and cache size. Moreover, extensive simulation experiments demonstrate the accuracy of the proposed model on evaluating the damage effect of DoS-PIT. In addition, the proposed model can be chosen to guide designing effective countermeasures for DoS-PIT (or attacks with similar way to harm NDN) by properly setting the values of some parameters (e.g., cache size) of each NDN router. Copyright (c) 2013 John Wiley & Sons, Ltd.
Year: 2014
DOI: 10.1002/dac.2618
Venue: INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS
Keywords: modeling, DoS attack, pending interest table, named data networking
Field: Architecture, Expression (mathematics), Denial-of-service attack, Cache, Computer science, CPU cache, Computer security, Content based networking, Popularity, Computer network, Router
DocType: Journal
Volume: 27
Issue: 12
ISSN: 1074-5351
Citations: 13
PageRank: 0.72
References: 15
Authors: 5
Name | Order | Citations | PageRank
Kai Wang | 1 | 72 | 8.46
Jia Chen | 2 | 63 | 7.32
Huachun Zhou | 3 | 370 | 54.39
Yajuan Qin | 4 | 187 | 21.81
Hongke Zhang | 5 | 1637 | 142.17