Design of security scheme to protect information-centric networks

Bibliographic Details
Main Author: Jiang, Huiying
Other Authors: Ma Maode
Format: Final Year Project
Language: English
Published: Nanyang Technological University 2021
Subjects:
Online Access: https://hdl.handle.net/10356/149334
Institution: Nanyang Technological University
Description
Summary: Named Data Networking (NDN) is a newly proposed next-generation Internet architecture that uses the names of data to forward and route packets. As NDN is a potential candidate for the future Internet architecture, it is crucial to address its security and privacy issues. NDN is vulnerable to a new type of Distributed Denial of Service (DDoS) attack called the Interest Flooding Attack (IFA). Attackers can send a massive number of Interest requests to overwhelm the PIT, resulting in network disruption for legitimate users. This report proposes the Binary Tree Based IFA Detection and Fair Interface Mitigation Scheme (BFI) to protect NDN from IFA. The scheme allows each NDN router to use binary trees to detect IFA, and it mitigates IFA by limiting the number of Interest requests forwarded from the contaminated routers. The evaluation through simulations shows that BFI can quickly and accurately identify and respond to IFA in NDN.