Publication: LogDoS: a novel logging-based DDoS prevention mechanism in path identifier-based information centric networks
Files
Program
KU Authors
Co-Authors
Al-Duwairi, Basheer
Publication Date
Language
Type
Embargo Status
NO
Journal Title
Journal ISSN
Volume Title
Alternative Title
Abstract
Information Centric Networks (ICNs) have emerged in recent years as a new networking paradigm for the next-generation Internet. The primary goal of these networks is to provide effective mechanisms for content distribution and retrieval based on in-network content caching. Several network architectures were proposed in recent years to realize this communication model. This include Named Data Networks (NDN) and Path-Identifier (PID) based ICN. This paper proposes LogDoS as a novel mechanism to address the problem of data flooding attacks in PID-based ICNs. The proposed LogDoS mechanism is a unique hybrid approach that combines the best of NDN networks and PID-based ICNs, and it is the first to employ Bloom-filter based logging approach in a novel way to filter attack traffic efficiently. In this context, we develop and model three versions of LogDoS with varying levels of storage overhead at LogDoS-enabled routers. Extensive simulation experiments show that LogDoS is very effective against DDoS attacks as it can filter more than 99.98% of attack traffic in different attack scenarios while incurring acceptable storage overhead.
Source
Publisher
Elsevier
Subject
Computer science, Information systems
Citation
Has Part
Source
Computers and Security
Book Series Title
Edition
DOI
10.1016/j.cose.2020.102071