Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method for relieving flooding attacks of hidden interest packets in a named data network

A named data network and flooding attack technology, which is applied in the field of mitigating hidden interest packet flooding attacks in named data networks, can solve problems such as inability to accurately distinguish attackers, low-speed attack sensitivity, and legitimate user request damage, etc., to achieve Effect of Avoiding Data Access Requests

Inactive Publication Date: 2019-05-31
SOUTHEAST UNIV +1
View PDF7 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

First, the existing mechanism enables the intermediate routers close to the attacker to independently detect and defend against attacks, and focuses on the typical Interest packet flooding attack scenario, that is, the attacker directly sends unsatisfied malicious Interest packets at a fixed and high speed To carry out the attack, when a relatively hidden interest packet flood attack occurs, the performance of the existing mechanism may decrease to a certain extent, because each intermediate router makes an independent decision when attack detection and defense, which may make the attack detection time Second, because the existing mechanism cannot accurately distinguish between the Interest packets sent by attackers and the Interest packets sent by legitimate users, requests from legitimate users may be Third, since the Interest packet does not carry any information related to its sender, it is difficult for the existing mechanism to locate the attacker after the attack is detected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for relieving flooding attacks of hidden interest packets in a named data network
  • A method for relieving flooding attacks of hidden interest packets in a named data network
  • A method for relieving flooding attacks of hidden interest packets in a named data network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0031] In the present invention, the controller monitors the network from the perspective of the entire network to timely detect concealed interest packet flooding attacks and effectively locate attackers, and then take targeted defense measures. The so-called covert interest packet flooding attack means that the attacker sends malicious interest packets at a low speed at the beginning of the attack, but then gradually increases the attack speed, so that the relevant state data of the router changes gradually and is not easy to detect. Routers that are directly connected to users or attackers are called access routers, and other routers are called intermediate routers.

[0032] NDN routers are responsible for continuously monitoring their status. When anomalies are detected, such as the interest packet satisfaction rate is too low, the distribution of receiv...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for alleviating a hidden interest packet flooding attack in a named data network, which comprises the following steps: detecting the state of each interface based on an access router, and limiting the interest packet receiving speed of an attacked interface for determining the interface subjected to the interest packet flooding attack; for an interface which cannotdetermine whether the attack is an interest packet flooding attack, reporting abnormal information to the controller; the controller judges whether an interest packet flooding attack exists in the network or not according to the received abnormal information, and informs an access router of a judgment result; if the controller notifies the access router that the access router is not attacked, regarding all interfaces of the access router as normal interfaces by the access router, and ending attack defense; otherwise, the access router reads the attacked interface list from the notification message and limits the interest packet receiving speed of the malicious interface. According to the method, the existence of the hidden interest packet flooding attack can be detected in time, the attacker can be accurately and effectively positioned, then targeted defense measures are taken, and the data access request of a legal user is prevented from being damaged.

Description

technical field [0001] The invention belongs to the technical field of future network architecture, and in particular relates to a method for alleviating the flooding attack of concealed interest packets in a named data network. Background technique [0002] Named Data Networking (NDN) is one of the most promising next-generation network architectures. NDN names the content in the network, making data the core of the entire network. Network communication in NDN is driven by the receiver of the data, and the user sends an Interest packet with the name of the desired content to request the content. The intermediate router forwards the Interest packet according to the name, and the matching data packet carries the content requested by the user and returns to the requester of the content in the opposite direction of the corresponding Interest packet path. NDN supports stateful forwarding. Each NDN router needs to maintain in its PIT the state (i.e., a PIT entry) for each Inte...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/721
Inventor 程光赵丽侠胡晓艳吴桦郑少琦
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com