| With the rapid development of information technology and the change of user needs,the defects of the traditional IP address-based network architecture have become particularly prominent,which has led to people's research on information center networks.The information center network architecture has completely transformed the point-to-point communication mode in the traditional network,and content is the core of the information center network architecture.In the information center network system,content producers publish data based on content identification,and content consumers also obtain data based on content identification.There is no user information in the network,which guarantees the user's information security to a certain extent.However,the flooding attacks in the information center network architecture have not been well solved,and these problems directly affect the development of the information center network architecture.The main flooding attack form in the information center network is interest packet flooding,while false interest packet flooding is the main interest packet flooding form because of its easy to launch and strong destructive power.This article focuses on the flood attack of false interest packets,and mainly focuses on two innovations: detection methods and mitigation strategies.First,in the information center network,the router is the core of the network.The main target of flooding attacks of false interest packets is routing nodes.In the method of detecting routing node attacks,most of the existing research methods use artificial Threshold means for attack detection,this method is less adaptable to complex network environments.This paper proposes a new detection algorithm based on random forest and XGBoost for this problem.This algorithm detects flood attacks through model learning.For feature selection,this algorithm uses the ensemble learning algorithm random forest for feature selection.This paper verifies the improvement of attack accuracy of this algorithm through comparative experiments.Second,the concept of IP addresses does not exist in the information center network,so routing nodes detect attacks and cannot take measures against specific users,thereby affecting the data of normal users in flood mitigation strategies.This paper proposes a new flood attack mitigation strategy for this problem.The routing port is used as the mitigation granularity in the strategy.The reputation value of the port is evaluated by the reputation degree,and the potential attack content name prefix is judged based on the Gini impurity,thereby limiting the maliciousness.Interest name with content name prefix.This paper verifies the effectiveness of mitigation strategies through comparative experiments. |
PDF Full Text Request