Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking
Content-Centric Networking (CCN) is an emerging networking paradigm being
considered as a possible replacement for the current IP-based host-centric
Internet infrastructure. In CCN, named content becomes a first-class entity.
CCN focuses on content distribution, which dominates current Internet traffic
and is arguably not well served by IP. Named-Data Networking (NDN) is an
example of CCN. NDN is also an active research project under the NSF Future
Internet Architectures (FIA) program. FIA emphasizes security and privacy from
the outset and by design. To be a viable Internet architecture, NDN must be
resilient against current and emerging threats. This paper focuses on
distributed denial-of-service (DDoS) attacks; in particular we address interest
flooding, an attack that exploits key architectural features of NDN. We show
that an adversary with limited resources can implement such an attack, having a
significant impact on network performance. We then introduce Poseidon: a
framework for detecting and mitigating interest flooding attacks. Finally, we
report on results of extensive simulations assessing the proposed countermeasure.
Comment: The IEEE Conference on Local Computer Networks (LCN 2013
ADN: An Information-Centric Networking Architecture for the Internet of Things
Forwarding data by name has been assumed to be a necessary aspect of an
information-centric redesign of the current Internet architecture that makes
content access, dissemination, and storage more efficient. The Named Data
Networking (NDN) and Content-Centric Networking (CCNx) architectures are the
leading examples of such an approach. However, forwarding data by name incurs
storage and communication complexities that are orders of magnitude larger than
solutions based on forwarding data using addresses. Furthermore, the specific
algorithms used in NDN and CCNx have been shown to have a number of
limitations. The Addressable Data Networking (ADN) architecture is introduced
as an alternative to NDN and CCNx. ADN is particularly attractive for
large-scale deployments of the Internet of Things (IoT), because it requires
far less storage and processing in relaying nodes than NDN. ADN allows things
and data to be denoted by names, just like NDN and CCNx do. However, instead of
replacing the waist of the Internet with named-data forwarding, ADN uses an
address-based forwarding plane and introduces an information plane that
seamlessly maps names to addresses without the involvement of end-user
applications. Simulation results illustrate the order of magnitude savings in
complexity that can be attained with ADN compared to NDN.
Comment: 10 page
A Light-Weight Forwarding Plane for Content-Centric Networks
We present CCN-DART, a more efficient forwarding approach for content-centric
networking (CCN) than named data networking (NDN) that substitutes Pending
Interest Tables (PIT) with Data Answer Routing Tables (DART) and uses a novel
approach to eliminate forwarding loops. The forwarding state required at each
router using CCN-DART consists of segments of the routes between consumers and
content providers that traverse a content router, rather than the Interests
that the router forwards towards content providers. Accordingly, the size of a
DART is proportional to the number of routes used by Interests traversing a
router, rather than the number of Interests traversing a router. We show that
CCN-DART avoids forwarding loops by comparing distances to name prefixes
reported by neighbors, even when routing loops exist. Results of simulation
experiments comparing CCN-DART with NDN using the ndnSIM simulation tool show
that CCN-DART incurs 10 to 20 times less storage overhead
Content-Centric Networking at Internet Scale through The Integration of Name Resolution and Routing
We introduce CCN-RAMP (Routing to Anchors Matching Prefixes), a new approach
to content-centric networking. CCN-RAMP offers all the advantages of the Named
Data Networking (NDN) and Content-Centric Networking (CCNx) but eliminates the
need to either use Pending Interest Tables (PIT) or look up large Forwarding
Information Bases (FIB) listing name prefixes in order to forward Interests.
CCN-RAMP uses small forwarding tables listing anonymous sources of Interests
and the locations of name prefixes. Such tables are immune to Interest-flooding
attacks and are smaller than the FIBs used to list IP address ranges in the
Internet. We show that no forwarding loops can occur with CCN-RAMP, and that
Interests flow over the same routes that NDN and CCNx would maintain using
large FIBs. The results of simulation experiments comparing NDN with CCN-RAMP
based on ndnSIM show that CCN-RAMP requires forwarding state that is orders of
magnitude smaller than what NDN requires, and attains even better performance
Named Multipath Depth-First Search: An SDN-based Routing Strategy for Efficient Failure Handling and Content Delivery in NDN
Information-centric networking (ICN) architectures, such as named data networking (NDN), have emerged as potential solutions for efficiently retrieving and delivering content. However, challenges remain regarding routing scalability, resilience, and caching efficiency. Software-defined networking (SDN) offers opportunities to optimize NDN implementations through centralized control and programmability. In this paper, we propose Named Multipath DFS, an SDN-based routing and caching scheme for NDN networks. NMDFS leverages a centralized controller to pre-compute multipath routes and implement coordinated caching. We evaluate NMDFS on an emulated topology testbed against default NDN and Named-data link state routing. The results demonstrate significant improvements with NMDFS, reducing overhead signalling costs by 94% and 78%, respectively, compared with other schemes. Round-trip latencies for content retrieval were reduced by up to 98%. The SDN controller’s global network view and control are leveraged to optimize content caching through packet loss-driven adaptation and eliminate redundant messaging, leading to substantial performance gains