Skip to main content
SpringerLink
Log in

A survey on interest packet flooding attacks and its countermeasures in named data networking

  • Survey
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

The current Internet architecture is not suitable for the growing data (generated from billions of devices) and contents (stored in multiple geographical locations/data centers). There is a need for an efficient content distribution, addressing, secure data transmission, stateful forwarding, scalability, etc., in the Internet layer communication. Named data networking (NDN) that follows the content/information-centric networking architecture is seen as a promising future Internet architecture. Although the popularity of the NDN is recently increasing in the research community, the NDN environment is also vulnerable to new attacks. These new attacks target NDN core functionalities such as forwarding, caching, and naming strategies. One such exhaustive attack is the Interest Flooding Attack (IFA) that targets the forwarding strategy of NDN and creates maximum impact on the target with minimum effort. Therefore, our focus in the paper is on IFA and its existing solutions. To the best of our knowledge, this is the first in-depth survey on the existing IFA countermeasures in NDN- based networks. From the comprehensive literature review, it is evident that the IFA is devastating the NDN services and the attackers exploit the Interest Packet requests to achieve it. In this paper, the existing solutions available in the literature from 2012 to till date are categorized and these solutions are critically evaluated in terms of technique name, advantages, and limitations. Besides, the existing solutions in each category are compared against various performance metrics. Further, the challenges and the potential research direction toward the Interest Flooding Attack countermeasures are discussed in terms of achieving service availability.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Statista: Demographics use-statistics and market data on online demographics use. https://www.statista.com/markets/424/topic/537/demographics-use/. Accessed 17 Dec 2020

  2. Forouzan, B.A.: TCP/IP Protocol Suite. McGraw-Hill Inc, New York (2002)

    Google Scholar 

  3. Khelifi, H., Luo, S., Nour, B., Moungla, H., Faheem, Y., Hussain, R., Ksentini, A.: Named data networking in vehicular ad hoc networks: state-of-the-art and challenges. IEEE Commun. Surv. Tutor. 22(1), 320–351 (2019)

    Article  Google Scholar 

  4. National Research Foundation (NSF). http://www.nets-fia.net/. Accessed 17 Dec 2020

  5. Zhang, L., Afanasyev, A., Burke, J., Jacobson, V., Claffy, K., Crowley, P., Papadopoulos, C., Wang, L., Zhang, B.: Named data networking. ACM SIGCOMM Comput. Commun. Rev. 44(3), 66–73 (2014)

    Article  Google Scholar 

  6. Seskar, I., Nagaraja, K., Nelson, S., Raychaudhuri, D.: Mobilityfirst future internet architecture project. In: Proceedings of the 7th Asian Internet Engineering Conference, pp. 1–3 (2011)

  7. Anderson, T., Birman, K., Broberg, R., Caesar, M., Comer, D., Cotton, C., Freedman, M.J., Haeberlen, A., Ives, Z.G., Krishnamurthy, A., et al.: The nebula future internet architecture. In: The Future Internet Assembly, pp. 16–26. Springer (2013)

  8. Anand, A., Dogar, F., Han, D., Li, B., Lim, H., Machado, M., Wu, W., Akella, A., Andersen, D.G., Byers, J.W., et al.: Xia: An architecture for an evolvable and trustworthy internet. In: Proceedings of the 10th ACM Workshop on Hot Topics in Networks, pp. 1–6 (2011)

  9. Wolf, T., Griffioen, J., Calvert, K.L., Dutta, R., Rouskas, G.N., Baldin, I., Nagurney, A.: Choicenet: toward an economy plane for the internet. ACM SIGCOMM Comput. Commun. Rev. 44(3), 58–65 (2014)

    Article  Google Scholar 

  10. Arjunwadkar, D.P.: Introduction of NDN with comparison to current internet architecture based on TCP/IP. Int. J. Comput. Appl. 105(5), 10 (2014)

    Google Scholar 

  11. Kumar, N., Singh, A.K., Aleem, A., Srivastava, S.: Security attacks in named data networking: a review and research directions. J. Comput. Sci. Technol. 34(6), 1319–1350 (2019)

    Article  Google Scholar 

  12. Ndn testbed. https://named-data.net/ndn-testbed/. Accessed 10 Aug 2021

  13. Gusev, P., Burke, J.: Ndn-rtc: Real-time videoconferencing over named data networking. In: Proceedings of the 2nd ACM Conference on Information-Centric Networking, pp. 117–126 (2015)

  14. Moiseenko, I., Wang, L., Zhang, L.: Consumer/producer communication with application level framing in named data networking. In: Proceedings of the 2nd ACM Conference on Information-Centric Networking, pp. 99–108 (2015)

  15. npchat. https://github.com/named-data-mobile/ndn-photo-app/. Accessed 10 August 2021

  16. N. D. Networking: Ndn packet format specification version 0.3. https://named-data.net/doc/NDN-packet-spec/current/interest.html. Accessed 17 Dec 2020

  17. Lehman, V., Gawande, A., Zhang, B., Zhang, L., Aldecoa, R., Krioukov, D., Wang, L.: An experimental investigation of hyperbolic routing with a smart forwarding plane in ndn. In: 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS), pp. 1–10. IEEE (2016)

  18. Wang, L., Lehman, V., Hoque, A.M., Zhang, B., Yu, Y., Zhang, L.: A secure link state routing protocol for ndn. IEEE Access 6, 10470–10482 (2018)

    Article  Google Scholar 

  19. Chatterjee, T., Ruj, S., Bit, S.D.: Security issues in named data networks. Computer 51(1), 66–75 (2018)

    Article  Google Scholar 

  20. Al-Sheikh, S., Wählisch, M., Schmidt, T.C.: Revisiting countermeasures against ndn interest flooding. In: Proceedings of the 2nd ACM Conference on Information-Centric Networking, pp. 195–196 (2015)

  21. Aamir, M., Zaidi, S.M.A.: Denial-of-service in content centric (named data) networking: a tutorial and state-of-the-art survey. Secur. Commun. Netw. 8(11), 2037–2059 (2015)

    Article  Google Scholar 

  22. Chhetry, N., Kalita, H.K.: Interest flooding attack in named data networking: a survey. ADBU J. Eng. Technol. 4, 10 (2016)

    Google Scholar 

  23. Rai, S., Dhakal, D.: A survey on detection and mitigation of interest flooding attack in named data networking. In: Advanced Computational and Communication Paradigms, pp. 523–531. Springer (2018)

  24. Compagno, A., Conti, M., Gasti, P., Tsudik, G.: Ndn interest flooding attacks and countermeasures. In: Annual Computer Security Applications Conference (2012)

  25. Wang, K., Zhou, H., Qin, Y., Chen, J., Zhang, H.: Decoupling malicious interests from pending interest table to mitigate interest flooding attacks. In: 2013 IEEE Globecom Workshops (GC Wkshps). IEEE, pp. 963–968 (2013)

  26. Wang, K., Zhou, H., Luo, H., Guan, J., Qin, Y., Zhang, H.: Detecting and mitigating interest flooding attacks in content-centric network. Secur. Commun. Netw. 7(4), 685–699 (2014)

    Article  Google Scholar 

  27. Compagno, A., Conti, M., Gasti, P., Tsudik, G.: Poseidon: mitigating interest flooding ddos attacks in named data networking. In: 38th Annual IEEE Conference on Local Computer Networks, pp. 630–638. IEEE (2013)

  28. Tang, J., Zhang, Z., Liu, Y., Zhang, H.: Identifying interest flooding in named data networking. In: 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing. IEEE, pp. 306–310 (2013)

  29. Dai, H., Wang, Y., Fan, J., Liu, B.: Mitigate ddos attacks in ndn by interest traceback. In: 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, pp. 381–386 (2013)

  30. Liu, G., Quan, W., Cheng, N., Wang, K., Zhang, H.: Accuracy or delay? A game in detecting interest flooding attacks. Internet Technol. Lett. 1(2), e31 (2018)

    Article  Google Scholar 

  31. Sattar, M.U., Rehman, R.A.: Interest flooding attack mitigation in named data networking based vanets. In: 2019 International Conference on Frontiers of Information Technology (FIT), pp. 245–2454. IEEE (2019)

  32. Benmoussa, A., el Karim Tahari, A., Lagaa, N., Lakas, A., Ahmad, F., Hussain, R., Kerrache, C.A., Kurugollu, F.: A novel congestion-aware interest flooding attacks detection mechanism in named data networking. In: 2019 28th International Conference on Computer Communication and Networks (ICCCN), pp. 1–6. IEEE (2019)

  33. Shigeyasu, T., Sonoda, A.: Distributed approach for detecting collusive interest flooding attack on named data networking. In: International Conference on Network-Based Information Systems, pp. 76–86. Springer (2018)

  34. Pu, C., Payne, N., Brown, J.: Self-adjusting share-based countermeasure to interest flooding attack in named data networking. In: 2019 International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 142–147. IEEE (2019)

  35. Benarfa, A., Hassan, M., Compagno, A., Losiouk, E., Yagoubi, M.B., Conti, M.: Chokifa: A new detection and mitigation approach against interest flooding attacks in ndn. In: International Conference on Wired/Wireless Internet Communication, pp. 53–65. Springer (2019)

  36. Benarfa, A., Hassan, M., Losiouk, E., Compagno, A., Yagoubi, M.B., Conti, M.: Chokifa+: an early detection and mitigation approach against interest flooding attacks in ndn (2019)

  37. Benmoussa, A., el Karim Tahari, A., Kerrache, C.A., Lagraa, N., Lakas, A., Hussain, R., Ahmad, F.: Msidn: Mitigation of sophisticated interest flooding-based ddos attacks in named data networking. Future Gen. Comput. Syst. 107, 293–306 (2020)

    Article  Google Scholar 

  38. Afanasyev, A., Mahadevan, P., Moiseenko, I., Uzun, E., Zhang, L.: Interest flooding attack and countermeasures in named data networking. In: 2013 IFIP Networking Conference, pp. 1–9. IEEE (2013)

  39. Ding, K., Liu, Y., Cho, H.-H., Chao, H.-C., Shih, T.K.: Cooperative detection and protection for interest flooding attacks in named data networking. Int. J. Commun. Syst. 29(13), 1968–1980 (2016)

    Article  Google Scholar 

  40. Nguyen, T., Cogranne, R., Doyen, G.: An optimal statistical test for robust detection against interest flooding attacks in ccn. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 252–260. IEEE (2015)

  41. Xin, Y., Li, Y., Wang, W., Li, W., Chen, X.: A novel interest flooding attacks detection and countermeasure scheme in ndn. In: 2016 IEEE Global Communications Conference (GLOBECOM), pp. 1–7. IEEE (2016)

  42. Selvi, V., Shebin, R., et al.: Game theory based mitigation of interest flooding in named data network. In: 2016 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pp. 685–689. IEEE (2016)

  43. Guimaraes, F., Rocha, A., Albuquerque, C., Ribeiro, I.: Modeling ndn pit to analyze the limits of timeout on the effectiveness of flooding attacks. In: 2016 IEEE Symposium on Computers and Communication (ISCC), pp. 1245–1250. IEEE (2016)

  44. Xin, Y., Li, Y., Wang, W., Li, W., Chen, X.: Detection of collusive interest flooding attacks in named data networking using wavelet analysis. In: MILCOM 2017-2017 IEEE Military Communications Conference (MILCOM), pp. 557–562. IEEE (2017)

  45. Zhi, T., Luo, H., Liu, Y.: A gini impurity-based interest flooding attack defence mechanism in ndn. IEEE Commun. Lett. 22(3), 538–541 (2018)

    Article  Google Scholar 

  46. Zhang, X., Li, R.: An ari-hmm based interest flooding attack countermeasure in ndn. In: 2019 IEEE 23rd International Conference on Computer Supported Cooperative Work in Design (CSCWD), pp. 10–15. IEEE (2019)

  47. Hou, R., Han, M., Chen, J., Hu, W., Tan, X., Luo, J., Ma, M.: Theil-based countermeasure against interest flooding attacks for named data networks. IEEE Network 33(3), 116–121 (2019)

    Article  Google Scholar 

  48. Wu, Z., Feng, W., Yue, M., Xu, X., Liu, L.: Mitigation measures of collusive interest flooding attacks in named data networking. Comput. Secur. 97, 101971 (2020)

    Article  Google Scholar 

  49. Salah, H., Wulfheide, J., Strufe, T.: Lightweight coordinated defence against interest flooding attacks in ndn. In: 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 103–104. IEEE (2015)

  50. Yin, G., Tang, J., Zou, F., Wu, Y., Li, J.: Controller based detection scheme of interest flooding attack in named data networking. In: 2019 IEEE 5th International Conference on Computer and Communications (ICCC), pp. 1628–1633. IEEE (2019)

  51. Cheng, G., Zhao, L., Hu, X., Zheng, S., Wu, H., Li, R., Fan, C.: Detecting and mitigating a sophisticated interest flooding attack in ndn from the network-wide view. In: 2019 IEEE First International Workshop on Network Meets Intelligent Computations (NMIC), pp. 7–12. IEEE (2019)

  52. Wang, K., Zhou, H., Qin, Y., Zhang, H.: Cooperative-filter: countering interest flooding attacks in named data networking. Soft. Comput. 18(9), 1803–1813 (2014)

    Article  Google Scholar 

  53. Kumar, N., Singh, A.K., Srivastava, S.: Evaluating machine learning algorithms for detection of interest flooding attack in named data networking. In: Proceedings of the 10th International Conference on Security of Information and Networks, pp. 299–302 (2017)

  54. Zhi, T., Liu, Y., Yan, Z.: An entropy-svm based interest flooding attack detection method in icn. In: 2018 IEEE 88th Vehicular Technology Conference (VTC-Fall), pp. 1–5. IEEE (2018)

  55. Chen, J., Xing, G., Cui, M., Huo, H., Hou, R.: Isolation forest based interest flooding attack detection mechanism in ndn. In: 2019 2nd International Conference on Hot Information-Centric Networking (HotICN), pp. 58–62. IEEE (2019)

  56. Shinohara, R., Kamimoto, T., Sato, K., Shigeno, H.: Cache control method mitigating packet concentration of router caused by interest flooding attack. In: 2016 IEEE Trustcom/BigDataSE/ISPA, pp. 324–331. IEEE (2016)

  57. Pang, B., Li, R., Yue, P.: Research of the interest packet popple broadcast diffusion attack in ndn vanet. In: Proceedings of the Symposium on Applied Computing, pp. 617–620 (2017)

  58. Zhang, X., Li, R., Zhao, W., Wu, R.: Detection of malicious nodes in ndn vanet for interest packet popple broadcast diffusion attack. In: 2017 11th IEEE International Conference on Anti-counterfeiting, Security, and Identification (ASID), pp. 114–118. IEEE (2017)

  59. Rabari, J., Kumar, A.R.P.: Fifa: Fighting against interest flooding attack in ndn-based vanet. In: 2021 International Wireless Communications and Mobile Computing (IWCMC), pp. 1539–1544. IEEE (2021)

  60. Buchanan, W.J., Li, S., Asif, R.: Lightweight cryptography methods. J. Cyber Secur. Technol. 1(3–4), 187–201 (2017)

    Article  Google Scholar 

  61. Yu, Y., Afanasyev, A., Clark, D., Claffy, K., Jacobson, V., Zhang, L.: Schematizing trust in named data networking. In: Proceedings of the 2nd ACM Conference on Information-Centric Networking, pp. 177–186 (2015)

  62. Ghali, C., Tsudik, G., Uzun, E.: In content we trust: network-layer trust in content-centric networking. IEEE/ACM Trans. Netw. 27(5), 1787–1800 (2019)

    Article  Google Scholar 

  63. Zhang, X., Chang, K., Xiong, H., Wen, Y., Shi, G., Wang, G.: Towards name-based trust and security for content-centric network. In: 2011 19th IEEE International Conference on Network Protocols, pp. 1–6 (2011)

  64. Nauck, D., Klawonn, F., Kruse, R.: Foundations of Neuro-Fuzzy Systems. Wiley, New York (1997)

    MATH  Google Scholar 

  65. Manimaran, P., et al.: Ndnids: An intrusion detection system for ndn based vanet. In: 2020 IEEE 91st Vehicular Technology Conference (VTC2020-Spring), pp. 1–5. IEEE (2020)

  66. Mtibaa, A., Tourani, R., Misra, S., Burke, J., Zhang, L.: Towards edge computing over named data networking. In: 2018 IEEE International Conference on Edge Computing (EDGE), pp. 117–120 (2018)

  67. Scherb, C., Emde, S., Marxer, C., Tschudin, C.: Data upload in mobile edge computing over icn. In: 2019 IEEE Globecom Workshops (GC Wkshps), pp. 1–6 (2019)

  68. Xu, X., Feng, C., Shan, S., Zhang, T., Loo, J.: Proactive edge caching in content-centric networks with massive dynamic content requests. IEEE Access 8, 59906–59921 (2020)

    Article  Google Scholar 

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, National Institute of Technology, Calicut, Kozhikode, India

    Rabari Jeet & P. Arun Raj Kumar

Authors
  1. Rabari Jeet
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. P. Arun Raj Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rabari Jeet.

Ethics declarations

Conflicts of interest

The Authors declares that they do not have conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jeet, R., Arun Raj Kumar, P. A survey on interest packet flooding attacks and its countermeasures in named data networking. Int. J. Inf. Secur. 21, 1163–1187 (2022). https://doi.org/10.1007/s10207-022-00591-w

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-022-00591-w

Keywords

Search

Navigation