Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach
文献类型:期刊论文
作者 | Xu, Zhiwei2; Wang, Xin1; Zhang, Yujun2 |
刊名 | IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
![]() |
出版日期 | 2023-07-01 |
卷号 | 20期号:4页码:3449-3465 |
关键词 | DDoS attacks persistent attack detection named date networking malicious traffic pattern lightweight advanced FM sketch |
ISSN号 | 1545-5971 |
DOI | 10.1109/TDSC.2022.3196187 |
英文摘要 | As a promising architectural design for future Internet, Named Data Networking (NDN) relies on data names, instead of destination IP addresses, to deliver data. NDN supports data authenticity and integrity by making public key signatures mandatory on data content and data names. This handles the primary security concern in NDN, but is still vulnerable to new DDoS attacks, including Cache Pollution attacks and Interest Flooding attacks, which degrade NDN transmission significantly, by violating the crucial components of NDN routers. To defend against DDoS attacks in NDN, the most effective way is to persistently detect the malicious traffic and then throttle them. Except for the usual concern of the accuracy and efficiency in attack detection, since these attacks themselves have already imposed a huge burden on victims, to avoid exhausting the remaining resources on the victims for detection purpose, a lightweight detection solution is highly desired. We study DDoS attacks and propose a persistent detection solution based on an observed malicious traffic pattern, which leverages a novel sketch to monitor the malicious traffic in a timely and lightweight way. Additionally, our analysis and experiments demonstrate that, with fixed low resource consumption, the proposed solution can persistently detect DDoS attacks in NDN. |
WOS研究方向 | Computer Science |
语种 | 英语 |
WOS记录号 | WOS:001029054600053 |
出版者 | IEEE COMPUTER SOC |
源URL | [http://119.78.100.204/handle/2XEOYT63/21273] ![]() |
专题 | 中国科学院计算技术研究所期刊论文_英文 |
通讯作者 | Xu, Zhiwei |
作者单位 | 1.SUNY Stony Brook, Dept Elect & Comp Engn, Stony Brook, NY 11794 USA 2.Chinese Acad Sci, Inst Comp Technol, Beijing 100080, Peoples R China |
推荐引用方式 GB/T 7714 | Xu, Zhiwei,Wang, Xin,Zhang, Yujun. Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,2023,20(4):3449-3465. |
APA | Xu, Zhiwei,Wang, Xin,&Zhang, Yujun.(2023).Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach.IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,20(4),3449-3465. |
MLA | Xu, Zhiwei,et al."Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach".IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 20.4(2023):3449-3465. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。