Institute of Computing Technology, Chinese Academy IR
| Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach | |
| Xu, Zhiwei1; Wang, Xin2; Zhang, Yujun1 | |
| 2023-07-01 | |
| 发表期刊 | IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
 |
| ISSN | 1545-5971 |
| 卷号 | 20期号:4页码:3449-3465 |
| 摘要 | As a promising architectural design for future Internet, Named Data Networking (NDN) relies on data names, instead of destination IP addresses, to deliver data. NDN supports data authenticity and integrity by making public key signatures mandatory on data content and data names. This handles the primary security concern in NDN, but is still vulnerable to new DDoS attacks, including Cache Pollution attacks and Interest Flooding attacks, which degrade NDN transmission significantly, by violating the crucial components of NDN routers. To defend against DDoS attacks in NDN, the most effective way is to persistently detect the malicious traffic and then throttle them. Except for the usual concern of the accuracy and efficiency in attack detection, since these attacks themselves have already imposed a huge burden on victims, to avoid exhausting the remaining resources on the victims for detection purpose, a lightweight detection solution is highly desired. We study DDoS attacks and propose a persistent detection solution based on an observed malicious traffic pattern, which leverages a novel sketch to monitor the malicious traffic in a timely and lightweight way. Additionally, our analysis and experiments demonstrate that, with fixed low resource consumption, the proposed solution can persistently detect DDoS attacks in NDN. |
| 关键词 | DDoS attacks persistent attack detection named date networking malicious traffic pattern lightweight advanced FM sketch |
| DOI | 10.1109/TDSC.2022.3196187 |
| 收录类别 | SCI |
| 语种 | 英语 |
| WOS研究方向 | Computer Science |
| WOS类目 | Computer Science, Hardware & Architecture ; Computer Science, Information Systems ; Computer Science, Software Engineering |
| WOS记录号 | WOS:001029054600053 |
| 出版者 | IEEE COMPUTER SOC |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/21274 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Xu, Zhiwei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, Beijing 100080, Peoples R China 2.SUNY Stony Brook, Dept Elect & Comp Engn, Stony Brook, NY 11794 USA |
| 推荐引用方式 GB/T 7714 | Xu, Zhiwei,Wang, Xin,Zhang, Yujun. Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,2023,20(4):3449-3465. |
| APA | Xu, Zhiwei,Wang, Xin,&Zhang, Yujun.(2023).Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach.IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,20(4),3449-3465. |
| MLA | Xu, Zhiwei,et al."Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach".IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 20.4(2023):3449-3465. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论