中国科学院机构知识库网格
Chinese Academy of Sciences Institutional Repositories Grid
Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach

文献类型:期刊论文

作者Xu, Zhiwei2; Wang, Xin1; Zhang, Yujun2
刊名IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
出版日期2023-07-01
卷号20期号:4页码:3449-3465
关键词DDoS attacks persistent attack detection named date networking malicious traffic pattern lightweight advanced FM sketch
ISSN号1545-5971
DOI10.1109/TDSC.2022.3196187
英文摘要As a promising architectural design for future Internet, Named Data Networking (NDN) relies on data names, instead of destination IP addresses, to deliver data. NDN supports data authenticity and integrity by making public key signatures mandatory on data content and data names. This handles the primary security concern in NDN, but is still vulnerable to new DDoS attacks, including Cache Pollution attacks and Interest Flooding attacks, which degrade NDN transmission significantly, by violating the crucial components of NDN routers. To defend against DDoS attacks in NDN, the most effective way is to persistently detect the malicious traffic and then throttle them. Except for the usual concern of the accuracy and efficiency in attack detection, since these attacks themselves have already imposed a huge burden on victims, to avoid exhausting the remaining resources on the victims for detection purpose, a lightweight detection solution is highly desired. We study DDoS attacks and propose a persistent detection solution based on an observed malicious traffic pattern, which leverages a novel sketch to monitor the malicious traffic in a timely and lightweight way. Additionally, our analysis and experiments demonstrate that, with fixed low resource consumption, the proposed solution can persistently detect DDoS attacks in NDN.
WOS研究方向Computer Science
语种英语
WOS记录号WOS:001029054600053
出版者IEEE COMPUTER SOC
源URL[http://119.78.100.204/handle/2XEOYT63/21273]  
专题中国科学院计算技术研究所期刊论文_英文
通讯作者Xu, Zhiwei
作者单位1.SUNY Stony Brook, Dept Elect & Comp Engn, Stony Brook, NY 11794 USA
2.Chinese Acad Sci, Inst Comp Technol, Beijing 100080, Peoples R China
推荐引用方式
GB/T 7714
Xu, Zhiwei,Wang, Xin,Zhang, Yujun. Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,2023,20(4):3449-3465.
APA Xu, Zhiwei,Wang, Xin,&Zhang, Yujun.(2023).Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach.IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,20(4),3449-3465.
MLA Xu, Zhiwei,et al."Towards Persistent Detection of DDoS Attacks in NDN: A Sketch-Based Approach".IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 20.4(2023):3449-3465.

入库方式: OAI收割

来源:计算技术研究所

浏览0
下载0
收藏0
其他版本

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。