Research On Defense Strategies Of Interest Flooding Attacks In Named Data Networking

Posted on: 2022-01-02
Degree: Master
Type: Thesis
Country: China
Candidate: J Chen
GTID: 2518306512453464
Subject: Computer system architecture

Abstract/Summary:
Nowadays, the usage mode of networks has gradually evolved from the traditional host-oriented connection mode to the information-centric forwarding mode. With the proposal of Information-Centric Networking (ICN), scholars are paying more and more attention to research on the data content itself. As one of the research hotspots of future Internet architecture, Named Data Networking (NDN) shows advantages over the traditional TCP/IP network in network architecture design, data naming/storage/forwarding, network mobility/security/scalability, and so on. NDN gave network security an important position from the beginning of its construction, which lets it defend against most of the security hazards of traditional networks. However, the emergence of a new type of Denial of Service (DoS) attack, the Interest Flooding Attack (IFA), poses a greater threat to the network: network bandwidth and other resources are exhausted by the attacker's traffic, and content providers are unable to respond to users' requests. This thesis studies IFA and aims to propose more effective defense methods that address the limitations of current IFA defenses in detection accuracy and efficiency and in mitigation accuracy and cost. The main work and innovations are as follows:

An IFA defense method based on isolation forest (iForest) is proposed. To address the insufficient accuracy and efficiency of attack detection in existing research, this method takes the analysis of the name prefix of request packets as its starting point and constructs name prefix data that reflects the state of the network. By introducing iForest theory, malicious prefixes and legitimate prefixes are separated into different locations of the isolation tree (iTree), which makes it possible to detect attacks and identify malicious prefixes. IFA is then defended against by limiting the forwarding of the related malicious Interest packets. Simulation experiments demonstrate the effectiveness of the proposed method from four aspects: comparison with no defense countermeasures, comparison between different routers, comparison with typical IFA defense methods, and comparison with different parameters.

An IFA defense method based on packet marking is proposed. This method mainly addresses the insufficient accuracy and high cost of tracing the attack source in existing research. It takes information entropy as the basis of detection, carries edge router information in the Interest packet, and uses this information as the basis on which a router determines the identity of the attacker. It then sends a traceability Data packet carrying the attack information to feed the attack situation in the network back to the edge router, which implements precise suppression. In simulation experiments, the method is compared with traditional methods based on information entropy from four aspects: verifying the shortcomings of mitigation in existing methods, whether routers are misjudged, the satisfaction of users' Interest packets, and the cost consumed in the network. The results show that the proposed method not only improves the accuracy of tracing the source of the attack, avoiding unnecessary impact on legitimate users, but also reduces the overhead caused by the mitigation process.
Keywords/Search Tags: Named Data Networking, Interest Flooding Attack, Isolation forest algorithm, Packet marking technology