The Detection Method of Collusive Interest Flooding Attacks Based on Prediction Error in NDN

Abstract

Named Data Networking (NDN) is one of the main research projects of the information center network (ICN), and its efficient forwarding mechanism attaches the attention of researchers. Like other networks, NDN also faces the threat of cyber attacks. With the assistance of the colluding server, the Collusive Interest Flooding Attacks (CIFA) can use the defects of the NDN's internal forwarding mechanism to send malicious interest packets in the form of pulses. It affects the normal requests of legitimate users and reduces the quality of NDN network services in this way. By analyzing the characteristics of network traffic and CIFA model, a new CIFA detecting method based on the prediction error between particle filter and one-step prediction algorithm is proposed. This scheme samples the network traffic and judges whether the network is under attack by comparing the normalized error value of the one-step prediction and the estimate of the particle filter. Experimental analysis shows that the detection scheme in this paper has higher detection rate than the existing detection schemes.