An official website of the United States government
To meet the increasing demands of next-generation cellular networks (e.g., 6G), advanced networking technologies must be incorporated. On one hand, the Fog Radio Access Network (F-RAN), has been proposed as an enhancement to the Cloud Radio Access Network (C-RAN). On the other hand, efficient network architectures, such as Named Data Networking (NDN), have been recognized as prominent Future Internet candidates. Nevertheless, the interplay between F-RAN and NDN warrants further investigation. In this paper, we propose an NDN-enabled F-RAN architecture featuring a strategy for distributed in-network caching. Through a simulation study, we demonstrate the superiority of the proposed in-network caching strategy in comparison with baseline caching strategies in terms of network resource utilization, cache hits, and front haul channel usage.
more »
« less
Interest Flooding Attacks in Named Data Networking: Survey of Existing Solutions, Open Issues, Requirements and Future Directions
Named Data Networking (NDN) is a prominent realization of the vision of Information-Centric Networking. The NDN architecture adopts name-based routing and location-independent data retrieval. Among other important features, NDN integrates security mechanisms and focuses on protecting the content rather than the communications channels. Along with a new architecture come new threats and NDN is no exception. NDN is a potential target for new network attacks such as Interest Flooding Attacks (IFAs). Attackers take advantage of IFA to launch (D)DoS attacks in NDN. Many IFA detection and mitigation solutions have been proposed in the literature. However, there is no comprehensive review study of these solutions that has been proposed so far. Therefore, in this paper, we propose a survey of the various IFAs with a detailed comparative study of all the relevant proposed solutions as counter-measures against IFAs. We also review the requirements for a complete and efficient IFA solution and pinpoint the various issues encountered by IFA detection and mitigation mechanisms through a series of attack scenarios. Finally, in this survey, we offer an analysis of the open issues and future research directions regarding IFAs.
more »
« less
- PAR ID:
- 10330851
- Date Published:
- Journal Name:
- ACM Computing Surveys
- ISSN:
- 0360-0300
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
As in-vehicle communication becomes more complex, the automotive community is exploring various architectural options such as centralized and zonal architectures for their numerous benefits. Common characteristics of these architectures include the need for high-bandwidth communication and security, which have been elusive with standard automotive architectures. Further, as automotive communication technologies evolve, it is also likely that multiple link-layer technologies such as CAN and Automotive Ethernet will co-exist. These alternative architectures promise to integrate these diverse sets of technologies. However, architectures that allow such co-existence have not been adequately explored. In this work we explore a new network architecture called Named Data Networking (NDN) to achieve multiple goals: provide a foundational security infrastructure and bridge different link layer protocols such as CAN, LIN, and automotive Ethernet into a unified communication system. We have created a proof-of-concept bench-top testbed using CAN HATS and Raspberry PIs that replay real traffic over CAN and Ethernet to demonstrate how NDN can provide a secure, high-speed bridge between different automotive link layers. We also show how NDN can support communication between centralized or zonal high-power compute components. Security is achieved through digitally signing all Data packets between these components, preventing unauthorized ECUs from injecting arbitrary data into the network. We also demonstrate NDN's ability to prevent DoS and replay attacks between different network segments connected through NDN.more » « less
-
Doglioni, C.; Kim, D.; Stewart, G.A.; Silvestris, L.; Jackson, P.; Kamleh, W. (Ed.)We present the design and implementation of a Named Data Networking (NDN) based Open Storage System plug-in for XRootD. This is an important step towards integrating NDN, a leading future internet architecture, with the existing data management systems in CMS. This work outlines the first results of data transfer tests using internal as well as external 100 Gbps testbeds, and compares the NDN-based implementation with existing solutions.more » « less
-
null (Ed.)With the proliferation of smart and connected mobile, wireless devices at the edge, Distributed Denial of Service (DDoS) attacks are increasing. Weak security, improper commissioning, and the fast, non-standardized growth of the IoT industry are the major contributors to the recent DDoS attacks, e.g., Mirai Botnet attack on Dyn and Memcached attack on GitHub. Similar to UDP/TCP flooding (common DDoS attack vector), request flooding attack is the primary DDoS vulnerability in the Named-Data Networking (NDN) architecture.In this paper, we propose PERSIA, a distributed request flooding prevention and mitigation framework for NDN-enabled ISPs, to ward-off attacks at the edge. PERSIA's edge-centric attack prevention mechanism eliminates the possibility of successful attacks from malicious end hosts. In the presence of compromised infrastructure (routers), PERSIA dynamically deploys an in-network mitigation strategy to minimize the attack's magnitude. Our experimentation demonstrates PERSIA's resiliency and effectiveness in preventing and mitigating DDoS attacks while maintaining legitimate users' quality of experience (> 99.92% successful packet delivery rate).more » « less
-
The emerging connected and autonomous vehicles (CAVs) challenge ad hoc wireless multi-hop communications by mobility, large-scale, new data acquisition and computing patterns. The Named Data Networking (NDN) is suitable for such vehicle ad hoc networks due to its information centric networking approach. However, flooding interest packets in ad-hoc NDN can lead to broadcast storm issue. Existing solutions will either increase the number of redundant interest packets or need a global knowledge about data producers. In this paper, a Location-Based Deferred Broadcast (LBDB) scheme is introduced to improve the efficiency and performance of interest broadcast in ad-hoc NDN. The scheme takes advantage of location information to set up timers when rebroadcasting an interest. The LBDB is implemented in V-NDN network architecture using ndnSIM simulator. Comparisons with several existing protocols are conducted in simulation. The results show that LBDB improves the overhead, the average number of hops and delay while maintaining an average satisfaction ratio when compared with several other broadcast schemes. The improvement can help offer timely data acquisition for quick responses in emergent CAV application situations.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Journal Article:
- https://doi.org/10.1145/3539730
