Detection of malicious consumer interest packet with dynamic threshold values
| العنوان: | Detection of malicious consumer interest packet with dynamic threshold values |
|---|---|
| المؤلفون: | Rao Naveed Bin Rais, Adnan Mahmood Qureshi, Amir Qayyum, Masood Ur-Rehman, Nadeem Anjum |
| المصدر: | PeerJ Computer Science, Vol 7, p e435 (2021) PeerJ Computer Science |
| بيانات النشر: | PeerJ Inc., 2021. |
| سنة النشر: | 2021 |
| مصطلحات موضوعية: | General Computer Science, Exploit, Computer Networks and Communications, Computer science, 02 engineering and technology, lcsh:QA75.5-76.95, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), Content poisoning attacks, Emerging Technologies, Block (data storage), Network architecture, business.industry, Network packet, Node (networking), Security and Privacy, 020206 networking & telecommunications, 020207 software engineering, Flooding (computer networking), Malicious consumer interest packet, Dynamic threshold, Enhanced Data Rates for GSM Evolution, lcsh:Electronic computers. Computer science, business, Computer network, Named data networking, Mitigation techniques |
| الوصف: | As a promising next-generation network architecture, named data networking (NDN) supports name-based routing and in-network caching to retrieve content in an efficient, fast, and reliable manner. Most of the studies on NDN have proposed innovative and efficient caching mechanisms and retrieval of content via efficient routing. However, very few studies have targeted addressing the vulnerabilities in NDN architecture, which a malicious node can exploit to perform a content poisoning attack (CPA). This potentially results in polluting the in-network caches, the routing of content, and consequently isolates the legitimate content in the network. In the past, several efforts have been made to propose the mitigation strategies for the content poisoning attack, but to the best of our knowledge, no specific work has been done to address an emerging attack-surface in NDN, which we call an interest flooding attack. Handling this attack-surface can potentially make content poisoning attack mitigation schemes more effective, secure, and robust. Hence, in this article, we propose the addition of a security mechanism in the CPA mitigation scheme that is, Name-Key Based Forwarding and Multipath Forwarding Based Inband Probe, in which we block the malicious face of compromised consumers by monitoring the Cache-Miss Ratio values and the Queue Capacity at the Edge Routers. The malicious face is blocked when the cache-miss ratio hits the threshold value, which is adjusted dynamically through monitoring the cache-miss ratio and queue capacity values. The experimental results show that we are successful in mitigating the vulnerability of the CPA mitigation scheme by detecting and blocking the flooding interface, at the cost of very little verification overhead at the NDN Routers. |
| اللغة: | English |
| تدمد: | 2376-5992 |
| الوصول الحر: | https://explore.openaire.eu/search/publication?articleId=doi_dedup___::a3796a6ca6a8004ce01b135461eb3f52Test https://peerj.com/articles/cs-435.pdfTest |
| حقوق: | OPEN |
| رقم الانضمام: | edsair.doi.dedup.....a3796a6ca6a8004ce01b135461eb3f52 |
| قاعدة البيانات: | OpenAIRE |
| تدمد: | 23765992 |
|---|