Method and system for mitigating interest flooding attacks in content-centric networks
First Claim
Patent Images
1. A method for mitigating Interest flooding attacks in content-centric networks (CCNs), comprising:
- receiving, by a network device via a physical interface of the network device, Interest packets for one or more name prefixes;
counting a number of Interests received via the physical interface and deleted from a pending Interest table due to a timeout;
computing Interest satisfaction statistics for the physical interface based on the counted Interests; and
in response to receiving an Interest packet for a target name prefix, determining whether to forward or drop the Interest packet based on the Interest satisfaction statistics for the target name prefix.
4 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system for mitigating interest flooding attacks in content-centric networks (CCNs). During operation, the system receives, at a physical interface of a router, an interest packet; obtains current interest satisfaction statistics associated with the physical interface; and determines whether to forward or drop the interest packet based on the current interest satisfaction statistics.
247 Citations
22 Claims
-
1. A method for mitigating Interest flooding attacks in content-centric networks (CCNs), comprising:
-
receiving, by a network device via a physical interface of the network device, Interest packets for one or more name prefixes; counting a number of Interests received via the physical interface and deleted from a pending Interest table due to a timeout; computing Interest satisfaction statistics for the physical interface based on the counted Interests; and in response to receiving an Interest packet for a target name prefix, determining whether to forward or drop the Interest packet based on the Interest satisfaction statistics for the target name prefix. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for mitigating Interest flooding attacks in content-centric networks (CCNs), the method comprising:
-
receiving, by a network device via a physical interface of the network device, Interest packets for one or more name prefixes; counting a number of Interests received via the physical interface and deleted from a pending Interest table due to a timeout; computing Interest satisfaction statistics for the physical interface based on the counted Interests; and in response to receiving an Interest packet for a target name prefix, determining whether to forward or drop the Interest packet based on the Interest satisfaction statistics for the target name prefix. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A router in a content-centric network (CCN) for mitigating Interest flooding attacks, comprising:
-
a physical interface for receiving Interest packets for one or more name prefixes; an Interest counter configured to count a number of Interests received via the physical interface and deleted from a pending Interest table due to a timeout; an Interest satisfaction statistics calculator configured to compute Interest satisfaction statistics for the physical interface based on the counted Interests; and a determination mechanism configured to determine whether to forward or drop an Interest packet based on the Interest satisfaction statistics for a target name prefix, in response to receiving the Interest packet for the target name prefix. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
Specification