Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Defending method for malicious request packet of interest attacks in NDN (Named Data Networking)

An interest packet and malicious technology, applied in security devices, network traffic/resource management, electrical components, etc., can solve problems such as low node work efficiency, suppression of normal requesting user network access capabilities, normal user performance constraints, etc., to ensure the overall Reliability, the effect of reducing the packet loss rate of request interest packets

Active Publication Date: 2016-11-16
JIANGSU UNIV
View PDF3 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In fact, this rate limiting mechanism has obvious disadvantages. The rate limit is based on the satisfaction rate of the downlink interface. At the same time, it also limits the rate of legitimate request interest packets, which significantly inhibits the network access capabilities of normal requesting users, so it needs to be improved.
[0008] Documents [1-2] all adopt the downlink interface rate-limiting mechanism to defend against malicious request interest packet attacks, but this mechanism does not differentiate between requests from normal users and requests from malicious users, resulting in serious constraints on the performance of normal users
In addition, since malicious request interest packets are often scattered on each downlink interface, NDN nodes need to restrict each downlink interface, making the overall work efficiency of the node extremely low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Defending method for malicious request packet of interest attacks in NDN (Named Data Networking)
  • Defending method for malicious request packet of interest attacks in NDN (Named Data Networking)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The technical solution of the present invention will be described in further detail below in conjunction with the accompanying drawings.

[0031] Assuming an NDN network scenario such as figure 1 As shown, the network topology is set to a 5-layer structure, each layer of the network has 20 nodes, and each node has 10 downlink interfaces. The data source can provide a total of 5000 contents, which can be divided into 50 categories according to the popularity of the contents, that is, each category contains 100 contents, and the ratio of the cache size to the total amount of network contents is 0.01. The cache replacement strategy adopts the least recent replacement strategy (LRU). The request Interest packet sent by the user obeys the Zipf-like distribution of α=1.2, and the arrival rate of the interface routing node user request Interest packet is 10 4 pieces / second, the average network round-trip delay for content acquisition is 8ms, the entry survival time of the rou...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a defending method for malicious request packet of interest attacks in an NDN (Named Data Networking). An average packet of interest loss rate of a next hop forwarding node is queried periodically. Selectable forwarding nodes are divided into a reliable group and an unreliable group. A corresponding forwarding probability is set according to a downlink interface packet of interest fill rate of currently received request packets of interest and a requested content class. According to the probability, a certain node in the reliable group and the unreliable group is selected as the forwarding node. The user malicious requests are forwarded to the unreliable group in large probability, thereby converging malicious request streams. On this base, with respect to forwarding traffic of an uplink interface, a speed is limited according to the average packet of interest loss rate of a forwarding target group. The ratio in the forwarding streams after limitation of the speed is determined according to a source interface fill rate of the request packets of interest. The user malicious requests are effectively eliminated. The method can be applied to the NDN with the user malicious requests. The reliability of the network can be effectively ensured.

Description

technical field [0001] The present invention relates to a data naming network (NDN: Named Data Networking), and specifically designs a defense method for malicious request interest packet attacks in NDN (H04W28 / 14 uses intermediate memory; H04Q3 / 495 is used for routing connection channels). Background technique [0002] "Data content-centered" is the core design idea of ​​the next-generation Internet architecture. Since 2006, foreign academic circles have carried out a number of research projects on the next-generation Internet architecture, including the "data-oriented Network Architecture" (Data-Oriented Network Architecture, DONA), EU FP7 4WARD and "Publish / Subscribe Internet Routing Paradigm" (The Publish-Subscribe Internet Routing Paradigm, PSIRP), the Named Data Network (Named Data Network) proposed by UCLA Networking, NDN), etc., among which NDN is more representative and is currently a research hotspot of the next generation Internet architecture. Unlike the traditi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04W12/08H04W28/10H04L29/06
CPCH04L63/1441H04W12/08H04W28/10
Inventor 朱轶龚朴吴环宇康浩浩
Owner JIANGSU UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products