Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking
Abstract
Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.
- Publication:
-
arXiv e-prints
- Pub Date:
- March 2013
- DOI:
- 10.48550/arXiv.1303.4823
- arXiv:
- arXiv:1303.4823
- Bibcode:
- 2013arXiv1303.4823C
- Keywords:
-
- Computer Science - Networking and Internet Architecture;
- Computer Science - Cryptography and Security
- E-Print:
- The IEEE Conference on Local Computer Networks (LCN 2013)