Research On Flood Attack Detection And Defense Strategy In Named Data Networking

Posted on: 2023-04-04
Degree: Master
Type: Thesis
Country: China
Candidate: X Y Wang
GTID: 2568307046963079
Subject: Electronic information

Abstract/Summary:
As one of the most promising future network architectures, Named Data Networking (NDN) has a content-centric design that is expected to greatly improve the network's support for mobility and the efficiency of content distribution. Because of this new architecture, NDN can resist most of the Distributed Denial of Service (DDoS) attacks that target traditional TCP/IP networks, but it also faces new network security challenges, among which the Interest Flooding Attack (IFA) is the most prominent. Most current detection schemes suffer from problems such as long detection times and overreaction to normal traffic fluctuations, while most defense schemes cannot precisely locate the attacking users, so legitimate user requests are affected while the attack is being eliminated. To solve these problems, this paper proposes an IFA detection scheme based on cumulative entropy (CE) and an IFA defense scheme based on identity authentication, in order to improve the accuracy and speed of detection, accurately locate the attacking users, and reduce the impact on legitimate users' requests during mitigation. The main research work of this paper is as follows:

Aiming at the problems of existing detection schemes, this paper proposes an IFA detection scheme based on cumulative entropy. The router calculates the information entropy of the Interest packet name prefixes in a sliding window and then uses an improved nonparametric cumulative sum (CUSUM) algorithm to calculate the cumulative entropy. Once an IFA attack occurs, the cumulative entropy quickly exceeds the threshold, and the router determines that there is an IFA attack in the network at that time. After the attack, the cumulative entropy quickly returns to its normal value, and the system releases the alarm. A relative entropy algorithm is then used to identify malicious prefixes and so find the malicious users, and the identity information of the malicious users is fed back to the edge routers through the Interest backtracking mechanism. Experimental results show that this scheme can detect attacks quickly and maintain a high accuracy.

Aiming at the problems of existing defense schemes, this paper proposes an IFA defense scheme based on identity authentication. In this scheme, each network user is given a unique identity. When a user requests data, the Interest packet sent out carries the user's unique identity information. After an IFA attack occurs, the edge router receives the malicious user identity information sent by the routers in the network and verifies the identity information in each received Interest packet; the malicious user's requests are discarded directly, and the legitimate users' requests are not affected. The experimental results show that this scheme can better eliminate the IFA attack and prevent the attack at the source.
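The detection step described in the abstract (entropy of Interest name prefixes per sliding window, accumulated by a nonparametric cumulative sum and compared with a threshold) can be sketched as follows; this is an added example, not code from the thesis, and it uses a plain CUSUM rather than the thesis's improved variant, which this page does not specify. The function names, window and step sizes, drift, threshold, use of the absolute deviation from a learned baseline, the reset rule and the sample stream are all assumptions made for the illustration.

```python
import math
from collections import Counter, deque

def shannon_entropy(prefixes):
    """Shannon entropy (bits) of the name-prefix distribution in one window."""
    total = len(prefixes)
    return -sum(c / total * math.log2(c / total)
                for c in Counter(prefixes).values())

def detect_ifa(prefix_stream, window=100, step=50, baseline_windows=4,
               drift=0.1, threshold=1.0):
    """Return one (entropy, cumulative_entropy, alarm) tuple per evaluated window.

    All parameter values are assumptions for this example, as is learning the
    baseline from the first attack-free windows.
    """
    buf, baseline, results, cusum = deque(maxlen=window), [], [], 0.0
    for i, prefix in enumerate(prefix_stream, 1):
        buf.append(prefix)
        if len(buf) < window or i % step:
            continue  # evaluate only full windows, every `step` Interests
        h = shannon_entropy(buf)
        if len(baseline) < baseline_windows:
            baseline.append(h)
            results.append((h, 0.0, False))
            continue
        dev = abs(h - sum(baseline) / len(baseline))
        # Nonparametric CUSUM: accumulate deviation beyond the drift allowance.
        # Assumed reset rule: drop to 0 once a window is back within `drift`,
        # so the alarm clears quickly after the attack ends.
        cusum = cusum + dev - drift if dev > drift else 0.0
        results.append((h, cusum, cusum > threshold))
    return results

def constructed_stream():
    """Constructed sample: 300 normal Interests, 200 under attack, 300 normal."""
    normal = [f"/site{n % 8}" for n in range(300)]
    # During the attack 4 of every 5 Interests target the /site0 prefix.
    attack = ["/site0" if j % 5 else f"/site{(j // 5) % 8}" for j in range(200)]
    return normal + attack + normal

if __name__ == "__main__":
    for n, (h, ce, alarm) in enumerate(detect_ifa(constructed_stream())):
        print(f"window {n:2d}  H={h:.3f}  CE={ce:.3f}  alarm={alarm}")
```

On the constructed stream, the window that only half overlaps the attack raises the cumulative entropy without crossing the threshold, which is how the accumulation step tolerates a short fluctuation while still alarming on the first fully affected window.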
Keywords/Search Tags:Named Data Networking, Interest Flooding Attack, Cumulative Entropy, Identity Authentication