A hybrid multiobjective RBF-PSO method for mitigating DoS attacks in Named Data Networking

Article English OPEN
Karami, Amin ; Guerrero-Zapata, Manel (2014)
  • Publisher: Elsevier
  • Related identifiers: doi: 10.1016/j.neucom.2014.11.003
  • Subject: DoS attacks | NSGA II | Intelligent hybrid algorithm | :Informàtica::Arquitectura de computadors [Àrees temàtiques de la UPC] | Algorismes genètics | Genetic algorithms | Particle Swarm Optimization | Computer networks -- Security measures | Named Data Networking | RBF neural networks | Ordinadors, Xarxes d' -- Mesures de seguretat

Named Data Networking (NDN) is a promising network architecture being considered as a possible replacement for the current IP-based (host-centric) Internet infrastructure. NDN can overcome the fundamental limitations of the current Internet, in particular, Denial-of-Service (DOS) attacks. However, NDN can be subject to new type of DoS attacks namely Interest flooding attacks and content poisoning. These types of attacks exploit key architectural features of NDN. This paper presents a new intelligent hybrid algorithm for proactive detection of DoS attacks and adaptive mitigation reaction in NDN. In the detection phase, a combination of multiobjective evolutionary optimization algorithm with PSO in the context of the RBF neural network has been applied in order to improve the accuracy of DoS attack prediction. Performance of the proposed hybrid approach is also evaluated successfully by some benchmark problems. In the adaptive reaction phase, we introduced a framework for mitigating DoS attacks based on the misbehaving type of network nodes. The evaluation through simulations shows that the proposed intelligent hybrid algorithm (proactive detection and adaptive reaction) can quickly and effectively respond and mitigate DoS attacks in adverse conditions in terms of the applied performance criteria. Peer Reviewed
  • References (101)
    101 references, page 1 of 11

    [1] Conti, M., Gasti, P., Teoli, M.. A lightweight mechanism for detection of cache pollution attacks in named data networking. Computer Networks 2013;57(16):3178-3191.

    [2] Rossini, G., Rossi, D.. Evaluating ccn multi-path interest forwarding strategies. Computer Communications 2013;36(7):771-778.

    [3] Li, C., Liu, W., Okamura, K.. A greedy ant colony forwarding algorithm for named data networking. In: Proceedings of the Asia-Pacific Advanced Network; vol. 34. 2012, p. 17-26.

    [4] Ahlgren, B., Dannewitz, C., Imbrenda, C., Kutscher, D., Ohlman, B.. A survey of information-centric networking (draft). In: Information-Centric Networking. Dagstuhl Seminar Proceedings; Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, Germany; 2011,.

    [5] Lee, H., Nakao, A.. User-assisted in-network caching in information-centric networking. Computer Networks 2013;57(16):3142-3153.

    [6] Smetters, D.K., Jacobson, V.. Securing network content. parc tr-2009-1. Tech. Rep.; October, 2009.

    [7] Ran, J., Lv, N., Zhang, D., Ma, Y., Xie, Z.. On performance of cache policies in named data networking. In: International Conference on Advanced Science and Electronics Information (ICACSEI). Atlantis Press; 2013, p. 668-671.

    [8] Amadeo, M., Campolo, C., Molinaro, A., Ruggeri, G.. Content-centric wireless networking: A survey. Computer Networks 2014;72:1-13.

    [9] Dannewitz, C., Kutscher, D., Ohlman, B., Farrell, S., Ahlgren, B., Karl, H.. Network of information (netinf) - an information-centric networking. Computer Communications 2013;36(7):721-735.

    [10] Jiang, X., Bi, J.. Technical report: Named content delivery network. Tech. Rep.; 2013.

  • Similar Research Results (2)
  • Metrics
    No metrics available
Share - Bookmark