Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Defense method and device for interest packet flooding attack in content-centric network

A content-centric network and content network technology, applied in transmission systems, electrical components, etc., can solve problems such as network congestion, user loss, and link failure, and achieve the effects of reducing false positives, improving accuracy, and reducing impact

Active Publication Date: 2019-10-22
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The PIT-based method mainly relies on the statistics of PIT abnormal states, and there are many factors that lead to PIT abnormalities, such as normal network fluctuations, network congestion, link failures, and attacks, etc. It is difficult to judge only from the abnormal statistics of PIT Whether the network is under attack, let alone how to defend against it
If there is a false positive for the attack, it will cause immeasurable losses to the user if the normal user's request is also regarded as an attack request and restrictive measures are taken.
In addition, if the malicious interest packet is restricted only at the node where the attack is detected, it will also have a great impact on the entire downstream network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Defense method and device for interest packet flooding attack in content-centric network
  • Defense method and device for interest packet flooding attack in content-centric network
  • Defense method and device for interest packet flooding attack in content-centric network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0058] figure 2 It is a flowchart of a method for defending against an Interest packet flood attack in a content-centric network provided by an embodiment of the present invention. Such as figure 2 As shown, the defense method of the Interest packet flooding attack in the content-centric network provided by an embodiment of the present invention includes:

[0059] In step S101, the entropy values ​​of names of Interest packets received by routers in the co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method and device for defending interest flooding attacks in an information centric network and relates to the field of network security. The method includes: statistically counting the entropy of the names of interest packets received by a router in the information centric network after different moments according to a preset window; using a cumulative sum algorithm to process the obtained entropy to obtain the accumulative values of the entropy at different moments; judging whether the accumulative values are smaller than a preset attack detecting threshold or not, if not, judging that interest flooding attacks are detected, and using a prefix determining algorithm based on relative entropy to search the prefix set of the names of the interest packets so as to obtain attack prefixes; generating data packets containing the attack prefixes according to the attack prefixes, and transmitting the data packets to the access router where an attacker is located according to the router information of the interest packets, containing the attack prefixes, recorded in the pending interest table of the router so as to allow the access router to perform corresponding access limitation on the received interest packets according to the attack prefixes in the data packets.

Description

technical field [0001] The present invention relates to the field of network security, in particular to a defense method and device for interest packet flooding attacks in a content-centric network. Background technique [0002] The TCP / IP network architecture has demonstrated its practicability in the decades of development of the Internet, especially in the face of many upper and lower layers of new technologies and applications. However, with the development of the Internet, users' demand for services such as network mobility, content distribution, and security continues to increase, and problems in existing networks' support for mobility, content distribution, and security are gradually exposed. In order to cope with these new types of services, the academic community has proposed a new type of network architecture——Information Centric Network (ICN). As an instantiated model of ICN, Named Data Networking (NDN) is suitable for content distribution and is extremely compet...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 辛永辉李杨李唯源陈鑫
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com