Browse > Article
http://dx.doi.org/10.9717/kmms.2013.16.8.954

A Study on Countermeasure for CCN Interest Flooding Attack  

Kim, DaeYoub (수원대학교 정보보호학과)
Publication Information
Journal of Korea Multimedia Society / v.16, no.8, 2013 , pp. 954-961 More about this Journal
Abstract
To enhance the efficiency of network, content-centric networking (CCN), one of future Internet architectures, allows network nodes to temporally cache transmitted contents and then to directly respond to request messages which are relevant to previously cached contents. Also, since CCN uses a hierarchical content-name, not a host identity like source/destination IP address, for request/response packet routing and CCN request message does not include requester's information for privacy protection, contents-providers/ network nodes can not identify practical requesters sending request messages. So to send back relevant contents, network nodes in CCN records both a request message and its incoming interfaces on Pending Interest Table (PIT). Then the devices refer PIT to return back a response message. If PIT is exhausted, the device can not normally handle request/response messages anymore. Hence, it is needed to detect/react attack to exhaust PIT. Hence, in this paper, we propose improved detection/reaction schemes against attacks to exhaust PIT. In practice, for fine-grained control, this proposal is applied to each incoming interface. Also, we propose the message framework to control attack traffic and evaluate the performance of our proposal.
Keywords
Future Internet; CCN; DoS/DDoS Attack; Attack Detection;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 D.D. Clark, "The Design Philosophy of the DARPA Internet Protocols," ACM Sigcomm Comp. Comm. Review, Vol. 18, No. 1, pp. 106-114, 1988.   DOI
2 B. Ahlgren, C. Dannewitz, C. Imbrenda, D. Kutscher, and B. Ohlmann, "A Survey of Information-Centric Networking," IEEE Communications Magazine, Vol. 50, No. 7, pp. 26- 36, 2012.
3 V. Jacobson, D. Smetters, J. Thornton, M. Plass, N. Briggs, and R. Braynard, "Networking Named Content," 5th International Conference on Emerging Networking Experiments and Technologies, pp. 1-12, 2009.
4 The NDN project team, Named Data Networking (NDN) Project, NDN technical Report NDO-0001, 2010.
5 김대엽, "효율적인 데이터 교환을 위한 Content-Centric Networking 식별자 방안," 멀티미디어학회논문지, 제15권, 제9호, pp. 1126-1132, 2012.
6 J. Lee and D. Kim, "Device Mobility Management in Content-Centric Networking," IEEE Ccomm. Magazine, Vol. 50, No. 12, pp. 28-34, 2012.
7 D.Y. Kim and J.H. Lee, "How to Make Content Centric Network (CCN) More Robust Against DoS/DDoS Attack," IEICE Trans. Commun. Vol. E96-B, No. 1, pp. 313-316, 2013.
8 C. Park, T. Kwon, and Y. Choi, "Scalability Problem for Interest Diffusion in Content- Centric Network," in Proc. of The 14th Conference on Next Generation Communication Software (NCS), 2010.
9 CCNx Interst Message, http://www.ccnx. org/releases/latest/technical/InterestMessage.html, 2013.
10 CCNx Content Object, http://www.ccnx.org/releases/latest/technical/ContentObject.html,2013.