Isolation forest-based mechanism to defend against interest flooding attacks in named data networking

Interest flooding attacks (named as IFA) have been known as one of the most harmful security attacks in named data network (NDN), information-centric network and content-centric network. When an IFA happens, the attacker will send huge number of interest packets into the network to occupy the networ...

Full description

Saved in:
Bibliographic Details
Main Author: Huang, Chaoran
Other Authors: Ma Maode
Format: Thesis-Master by Coursework
Language:English
Published: Nanyang Technological University 2020
Subjects:
Online Access:https://hdl.handle.net/10356/143788
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:Interest flooding attacks (named as IFA) have been known as one of the most harmful security attacks in named data network (NDN), information-centric network and content-centric network. When an IFA happens, the attacker will send huge number of interest packets into the network to occupy the network resources and prevent legitimate consumers from acquiring high quality of service (QoS). In order to provide efficient network service for normal users, it is critical to design an IFA detection method which can detect malicious packets accurately and rapidly. In this project, the isolation forest algorithm is introduced to tackle this IFA problem by identifying abnormal and legitimate prefix data while constructing iTrees. This method is able to detect malicious prefixes among legitimate prefixes, thereby tracing back to the attackers and restricting the forwarding of malicious interest packets. The results of some experiments show that it is a useful and efficient way to detect malicious intent flooding attacks.