• Title, Summary, Keyword: Pending Interest Table

Search Result 5, Processing Time 0.037 seconds

A Method for Enhancing Timely-Delivery and Security Using IGPT in Content-Centric Networking (콘텐츠 중심 네트워킹에서 IGPT를 이용한 적시성 및 보안성 향상 방안)

  • Jung, Seunghoon;Park, Heungsoon;Kwon, Taewook
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.11
    • /
    • pp.743-754
    • /
    • 2014
  • Recently, Information-Centric Networking(ICN), different from traditional IP-based networking, has been highlighted. Content-Centric Networking(CCN), proposed by Van Jacobson, is a representative scheme of the ICN architectures. It can deliver messages slightly faster than the IP-based networking by focusing on the access and delivery to the content itself. However, CCN is restricted to distribute the information without transmitting the request packet in advance because it is pull-based architecture by content requester. In addition, it has a problem that the Pending Interest Table(PIT) could be overloaded easily when DDoS attack happens. In this paper, we suggest an algorithm using a push-based scheme without request packets and overcoming PIT overload situation by Interest Group Push Table(IGPT). The proposed scheme enables to transmit a large amount of content than an existing scheme during the same amount of time in terms of timely-delivery and security.

A Study on Fake Data Filtering Method of CCN (콘텐츠 중심 네트워킹 환경에서의 Fake Data Filtering Method 연구)

  • Kim, DaeYoub
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.1
    • /
    • pp.155-163
    • /
    • 2014
  • To enhance network efficiency, content-centric networking (CCN) proposes that intermediated network nodes on a content-delivery path temporally cache transmitted contents. Then if an intermediated node receives a content request message (Interest) for previously cached content, the node directly transmits the cached content as a response message (Data) to requestors and finishes the transmission of the received Interest. Since Interest is performed by intermediated network nodes, it is possible to efficiently transmit contents and to effectively solve a network congestion problem caused around contents sources. For that, CCN utilizes both content store to temporarily cache content and pending Interest table (PIT) to record Interest incoming Face. However, it has mentioned the possibility of denial service attack using both the limitation of PIT resource and fake Interests. In this paper, we briefly describe the presented PIT flooding attack utilizing fake Interest. Then we introduce new attack possibility using fake Data and propose a countermeasure for the proposed attack. Also we evaluate the performance of our proposal.

A Study on Countermeasure for CCN Interest Flooding Attack (콘텐츠 중심 네트워킹 환경에서의 Interest Packet Flooding 대응 연구)

  • Kim, DaeYoub
    • Journal of Korea Multimedia Society
    • /
    • v.16 no.8
    • /
    • pp.954-961
    • /
    • 2013
  • To enhance the efficiency of network, content-centric networking (CCN), one of future Internet architectures, allows network nodes to temporally cache transmitted contents and then to directly respond to request messages which are relevant to previously cached contents. Also, since CCN uses a hierarchical content-name, not a host identity like source/destination IP address, for request/response packet routing and CCN request message does not include requester's information for privacy protection, contents-providers/ network nodes can not identify practical requesters sending request messages. So to send back relevant contents, network nodes in CCN records both a request message and its incoming interfaces on Pending Interest Table (PIT). Then the devices refer PIT to return back a response message. If PIT is exhausted, the device can not normally handle request/response messages anymore. Hence, it is needed to detect/react attack to exhaust PIT. Hence, in this paper, we propose improved detection/reaction schemes against attacks to exhaust PIT. In practice, for fine-grained control, this proposal is applied to each incoming interface. Also, we propose the message framework to control attack traffic and evaluate the performance of our proposal.

Evaluating and Mitigating Malicious Data Aggregates in Named Data Networking

  • Wang, Kai;Bao, Wei;Wang, Yingjie;Tong, Xiangrong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.9
    • /
    • pp.4641-4657
    • /
    • 2017
  • Named Data Networking (NDN) has emerged and become one of the most promising architectures for future Internet. However, like traditional IP-based networking paradigm, NDN may not evade some typical network threats such as malicious data aggregates (MDA), which may lead to bandwidth exhaustion, traffic congestion and router overload. This paper firstly analyzes the damage effect of MDA using realistic simulations in large-scale network topology, showing that it is not just theoretical, and then designs a fine-grained MDA mitigation mechanism (MDAM) based on the cooperation between routers via alert messages. Simulations results show that MDAM can significantly reduce the Pending Interest Table overload in involved routers, and bring in normal data-returning rate and data-retrieval delay.

Provider's Mobility Supporting Proactive Neighbor Pushing Scheme in CCN (CCN에서 정보제공자의 이동성 지원을 위한 푸싱 기법)

  • Woo, Taehee;Kwon, Taewook
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.19 no.6
    • /
    • pp.721-729
    • /
    • 2016
  • CCN(Content-Centric Network) enables users to retrieve content using the content's name. Researchers face critical challenges in terms of mobility. Since the routing information is part of the content name, when the provider moves, it is necessary to update all the routers routing information. However, this requires significant costs. In this paper, we propose PNPCCN(Proactive Neighbor Pushing CCN), considering the popularity and rarity of mobility support, for providers in CCN environments. Via simulation studies, we demonstrate that our solutions are effective in terms of shorter numbers of retransmitted Interest packets, and average download times and higher delivery ratios during mobility.