• Title/Summary/Keyword: PIT(Pending Interest Table)

Search Result 5, Processing Time 0.018 seconds

A Method for Enhancing Timely-Delivery and Security Using IGPT in Content-Centric Networking (콘텐츠 중심 네트워킹에서 IGPT를 이용한 적시성 및 보안성 향상 방안)

  • Jung, Seunghoon;Park, Heungsoon;Kwon, Taewook
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.11
    • /
    • pp.743-754
    • /
    • 2014
  • Recently, Information-Centric Networking(ICN), different from traditional IP-based networking, has been highlighted. Content-Centric Networking(CCN), proposed by Van Jacobson, is a representative scheme of the ICN architectures. It can deliver messages slightly faster than the IP-based networking by focusing on the access and delivery to the content itself. However, CCN is restricted to distribute the information without transmitting the request packet in advance because it is pull-based architecture by content requester. In addition, it has a problem that the Pending Interest Table(PIT) could be overloaded easily when DDoS attack happens. In this paper, we suggest an algorithm using a push-based scheme without request packets and overcoming PIT overload situation by Interest Group Push Table(IGPT). The proposed scheme enables to transmit a large amount of content than an existing scheme during the same amount of time in terms of timely-delivery and security.

A Study on Fake Data Filtering Method of CCN (콘텐츠 중심 네트워킹 환경에서의 Fake Data Filtering Method 연구)

  • Kim, DaeYoub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.1
    • /
    • pp.155-163
    • /
    • 2014
  • To enhance network efficiency, content-centric networking (CCN) proposes that intermediated network nodes on a content-delivery path temporally cache transmitted contents. Then if an intermediated node receives a content request message (Interest) for previously cached content, the node directly transmits the cached content as a response message (Data) to requestors and finishes the transmission of the received Interest. Since Interest is performed by intermediated network nodes, it is possible to efficiently transmit contents and to effectively solve a network congestion problem caused around contents sources. For that, CCN utilizes both content store to temporarily cache content and pending Interest table (PIT) to record Interest incoming Face. However, it has mentioned the possibility of denial service attack using both the limitation of PIT resource and fake Interests. In this paper, we briefly describe the presented PIT flooding attack utilizing fake Interest. Then we introduce new attack possibility using fake Data and propose a countermeasure for the proposed attack. Also we evaluate the performance of our proposal.

A Study on Countermeasure for CCN Interest Flooding Attack (콘텐츠 중심 네트워킹 환경에서의 Interest Packet Flooding 대응 연구)

  • Kim, DaeYoub
    • Journal of Korea Multimedia Society
    • /
    • v.16 no.8
    • /
    • pp.954-961
    • /
    • 2013
  • To enhance the efficiency of network, content-centric networking (CCN), one of future Internet architectures, allows network nodes to temporally cache transmitted contents and then to directly respond to request messages which are relevant to previously cached contents. Also, since CCN uses a hierarchical content-name, not a host identity like source/destination IP address, for request/response packet routing and CCN request message does not include requester's information for privacy protection, contents-providers/ network nodes can not identify practical requesters sending request messages. So to send back relevant contents, network nodes in CCN records both a request message and its incoming interfaces on Pending Interest Table (PIT). Then the devices refer PIT to return back a response message. If PIT is exhausted, the device can not normally handle request/response messages anymore. Hence, it is needed to detect/react attack to exhaust PIT. Hence, in this paper, we propose improved detection/reaction schemes against attacks to exhaust PIT. In practice, for fine-grained control, this proposal is applied to each incoming interface. Also, we propose the message framework to control attack traffic and evaluate the performance of our proposal.

A Study on the Prevention of DDoS Attack on PITs in NDN(Named Data Networking) (NDN(Named Data Networking)의 PIT에 대한 DDoS 공격 방지 연구)

  • Jeong, Soo-Rim;Choi, Hyoung-Kee
    • Annual Conference of KIPS
    • /
    • 2020.11a
    • /
    • pp.354-357
    • /
    • 2020
  • DDoS(Distributed Denial of Service) 공격은 현재의 인터넷 환경뿐만 아니라 NDN에서도 정상적인 서비스를 저해시키는 주요 문제이며 이에 관련된 다양한 연구들이 진행되고 있다. 본 논문에서는 DDoS 공격이 가해질 때 NDN 라우터의 PIT(Pending Interest Table) 가용성 저해로 인해 발생하는 문제 해결에 중점을 둔다. 이를 위한 방안으로 RED(Random Early Detection) 알고리즘을 기반으로 하는 기법을 적용하고, 시뮬레이션을 통한 측정 결과를 보여준다.

Provider's Mobility Supporting Proactive Neighbor Pushing Scheme in CCN (CCN에서 정보제공자의 이동성 지원을 위한 푸싱 기법)

  • Woo, Taehee;Kwon, Taewook
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.19 no.6
    • /
    • pp.721-729
    • /
    • 2016
  • CCN(Content-Centric Network) enables users to retrieve content using the content's name. Researchers face critical challenges in terms of mobility. Since the routing information is part of the content name, when the provider moves, it is necessary to update all the routers routing information. However, this requires significant costs. In this paper, we propose PNPCCN(Proactive Neighbor Pushing CCN), considering the popularity and rarity of mobility support, for providers in CCN environments. Via simulation studies, we demonstrate that our solutions are effective in terms of shorter numbers of retransmitted Interest packets, and average download times and higher delivery ratios during mobility.