Detecting And Mitigating DDoS Attack In Content Centric Network

With the inefficient content distribution and high probability of network congestion, TCP/IP network reveals to be increasingly unable to meet the current demand that is aroused by the explosively growing data along with the development of Internet and globalization of information. Content Centric Network(CCN), which is considered as one of most promising future network, appears to be able to solve these requirements as it aims to satisfy the increasing demand for highly efficient content distribution. As Content Centric Network adopts the concept of data-oriented instead of host-oriented which is accepted in current IP network, user in CCN only use the content name that user interested in to pull the desired data rather than resolving IP from DNS and forwarding the request. Meanwhile, because of the particular structure of router – content store, router will cache the data, that passes by the router and has not stored in content store. When subsequent request comes to the router, router will return the cached data directly if the requested data hits in the content store, and discard the request instead of forwarding it. Such mechanism not only can efficiently improve the data distribution, but also immunes to some existing DDoS attack in current IP network. However,Content Centric Network suffers from a new DDoS attack – Interest Flooding Attack(IFA) dues to its special design.In our study, we analysis the characteristic of router when it subjects to the interest?ooding attack. And we find that the randomness of content name in PIT rises rapidly and keeps at high level during attacking when router suffers from interest ?ooding attack. Based on which we put forward an entropy based detecting mechanism to quickly detect the attack. Meanwhile, we also come up with an entropy based mitigating mechanism to relieve the attack in accordance with the distribution of new created PIT entry when router suffers from interest ?ooding attack. In the end, we verify our detecting and mitigating mechanism to be feasible and effective via experimental simulation.