I-CIFA: An improved collusive interest flooding attack in named data networking

Abstract

Named Data Network (NDN) as a new network architecture, in recent years become a hot research, its security has been widespread concern. With the continuous updating of distributed denial of service (DDoS) attack methods in NDN networks, this article designs a new type of attack, called the Improved Collusive Flooding Attack (I-CIFA). I-CIFA attack combines the advantages of mainstream DDoS attack in NDN network, and is an attack method generated by low-rate DDoS attack and the cooperation of collusive producer. On the basis of the existing DDoS attack, the I-CIFA attack further improves the ability to destroy the network and the ability to resist the existing defense scheme. I-CIFA is designed on the basis of CIFA by improving the attack nodes and so on. In addition to redefining and configuring the attack parameters, improvements were also made in two aspects. First, the probing mode to probe the pending interest table (PIT) capacity of the routing nodes was added before attack started. Second, the way in which each attacker requests a packet from the collusive producer in each attack cycle has been further improved. Test results show that I-CIFA can cause 87.5% of the legitimate interest packets in the whole network to be discarded, and it is not only has a strong attack range on the network, but it is also difficult to be detected by existing CIFA-countermeasures.