In recent years, Information-centric Networking (ICN) has won the attention of experts and scholars at home and abroad for its information sharing method with data content as a resource. Among ICN designs, Named Data Networking (NDN) has certain advantages in information interaction and data storage, has become a typical representative of ICN, and is one of the research hotspots for the future Internet architecture. Although NDN has unique advantages over traditional networks, a new type of denial of service attack, the Interest Flooding Attack (IFA), has emerged based on the way information interacts in the network and its characteristics. A malicious user sends a large number of Interest packets with a "malicious prefix" to the network to request data content that the network cannot accommodate. As a result, the Pending Interest Table (PIT) storage space in the NDN router is occupied and the legitimate user cannot receive the requested content, thus reducing the efficiency of the network service. To address the harm caused by IFA to the network, this paper designs an IFA defence scheme to ensure that the rights of legitimate users are not infringed. In this regard, the following research is undertaken in this paper.

Firstly, the naming rules of NDN, the structure of packets, the data structure of routers, and the forwarding mechanism of packets are elaborated. The types and characteristics of IFA attacks are also further analysed, and existing IFA defence schemes in the NDN domain are summarised and collated, while their limitations are pointed out.

Then, this paper proposes an IFA defence scheme based on an enhanced isolation forest. The scheme uses the enhanced isolation forest in attack detection. By distinguishing legitimate prefixes and abnormal prefixes carried by Interest packets in the process of constructing the enhanced isolation forest, and then further judging the abnormal prefixes, malicious prefixes can be accurately detected. After attack detection, mitigation measures are implemented to minimise the damage caused by IFAs through blacklisting mechanisms and sending notification packets to downstream routers.

Finally, this paper compares the proposed approach with three existing defence schemes through simulation experiments to verify the effectiveness and superiority of the proposed approach in terms of whether the four schemes can detect the full number of malicious prefixes, the effect of the four schemes with different numbers of malicious prefixes, and the network performance at different attack rates.
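The two-stage detection described above (flag abnormal prefixes, then judge them further before blacklisting) can be sketched as follows. This is an added example, not the paper's code: it uses a plain isolation forest rather than the paper's enhanced variant, and the per-prefix features, prefix names, thresholds and second-stage rule are all assumptions.

```python
import math
import random

def build_samples(seed=1):
    """Constructed per-prefix features: (satisfaction ratio, share of PIT entries)."""
    rng = random.Random(seed)
    s = {f"/site{i}/data": (rng.uniform(0.90, 1.00), rng.uniform(0.01, 0.05))
         for i in range(20)}
    s["/popular/live"] = (0.95, 0.30)   # legitimate but unusually busy (constructed)
    s["/evil/a"] = (0.00, 0.35)         # Interests that never return Data (constructed)
    s["/evil/b"] = (0.02, 0.25)
    return s

def c(n):
    """Average path length of an unsuccessful BST search (iForest normaliser)."""
    if n <= 1:
        return 0.0
    if n == 2:
        return 1.0
    return 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def path_length(point, data, rng, depth, limit):
    """Walk one random isolation tree, following only the branch holding point."""
    if len(data) <= 1 or depth >= limit:
        return depth + c(len(data))
    f = rng.randrange(len(point))                     # random feature
    lo, hi = min(d[f] for d in data), max(d[f] for d in data)
    if lo == hi:
        return depth + c(len(data))
    split = rng.uniform(lo, hi)                       # random split value
    side = [d for d in data if (d[f] < split) == (point[f] < split)]
    return path_length(point, side, rng, depth + 1, limit)

def anomaly_scores(samples, trees=200, seed=7):
    """Score near 1 = isolated quickly (abnormal); around 0.5 or less = ordinary."""
    rng = random.Random(seed)
    data = list(samples.values())                     # no subsampling: data set is tiny
    limit = math.ceil(math.log2(len(data)))
    scores = {}
    for prefix, point in samples.items():
        mean = sum(path_length(point, data, rng, 0, limit) for _ in range(trees)) / trees
        scores[prefix] = 2 ** (-mean / c(len(data)))
    return scores

def detect(samples, score_cut=0.6, ratio_floor=0.5):
    """Stage 1: isolation score marks abnormal prefixes. Stage 2 (assumed rule):
    only abnormal prefixes with a low satisfaction ratio are blacklisted."""
    scores = anomaly_scores(samples)
    abnormal = sorted(p for p, s in scores.items() if s > score_cut)
    blacklist = [p for p in abnormal if samples[p][0] < ratio_floor]
    return abnormal, blacklist
```

The busy but legitimate `/popular/live` prefix is isolated as abnormal in stage 1 yet stays off the blacklist, which is the false positive the second judgement step exists to prevent.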