Publication:
LogDoS: a novel logging-based DDoS prevention mechanism in path identifier-based information centric networks

Thumbnail Image

Departments

School / College / Institute

Program

KU Authors

Co-Authors

Al-Duwairi, Basheer

Publication Date

Language

Embargo Status

NO

Journal Title

Journal ISSN

Volume Title

Alternative Title

Abstract

Information Centric Networks (ICNs) have emerged in recent years as a new networking paradigm for the next-generation Internet. The primary goal of these networks is to provide effective mechanisms for content distribution and retrieval based on in-network content caching. Several network architectures were proposed in recent years to realize this communication model. This include Named Data Networks (NDN) and Path-Identifier (PID) based ICN. This paper proposes LogDoS as a novel mechanism to address the problem of data flooding attacks in PID-based ICNs. The proposed LogDoS mechanism is a unique hybrid approach that combines the best of NDN networks and PID-based ICNs, and it is the first to employ Bloom-filter based logging approach in a novel way to filter attack traffic efficiently. In this context, we develop and model three versions of LogDoS with varying levels of storage overhead at LogDoS-enabled routers. Extensive simulation experiments show that LogDoS is very effective against DDoS attacks as it can filter more than 99.98% of attack traffic in different attack scenarios while incurring acceptable storage overhead.

Source

Publisher

Elsevier

Subject

Computer science, Information systems

Citation

Has Part

Source

Computers and Security

Book Series Title

Edition

DOI

10.1016/j.cose.2020.102071

item.page.datauri

Link

Rights

Copyrights Note

Endorsement

Review

Supplemented By

Referenced By

1

Views

9

Downloads

View PlumX Details