Countermeasures of interest flooding attack in named data networking: A survey

Abstract

Named data networking (NDN) is a typical representation and implementation of information-centric networking and serves as a basis for the next-generation Internet. However, any network architectures will face information security threats. An attack named interest flooding attack (IFA), which is evolved, has becomes a great threat for NDN in recent years. Attackers through insert numerous forged interest packets into an NDN network, making the cache memory of NDN router(s) overrun, interest packets for the intended users. To take a comprehensive understanding of recent IFA detection and mitigation approaches, in this paper, we compared nine typical approaches to resolving IFA attacks for NDN, which are interest traceback, token bucket with per interface fairness, satisfaction-based interest acceptance, satisfaction-based push back, disabling PIT exhaustion, interest flow control method based on user reputation and content name prefixes, interest flow balancing method focused on the number of requests on named data networking, cryptographic route token, Poseidon local, and Poseidon distributed techniques. In addition, we conducted a simulation using Poseidon, a commonly used IFA resolution approach. The results showed that Poseidon could resolve IFA issues effectively.