Visible to the public Synergetic Denial-of-Service Attacks and Defense in Underwater Named Data Networking

TitleSynergetic Denial-of-Service Attacks and Defense in Underwater Named Data Networking
Publication TypeConference Paper
Year of Publication2020
AuthorsLi, Y., Liu, Y., Wang, Y., Guo, Z., Yin, H., Teng, H.
Conference NameIEEE INFOCOM 2020 - IEEE Conference on Computer Communications
Keywordsattacker identification, attackers synergize, computer network security, Computer science, Data Transmission, delays, denial-of-service, denial-of-service attack, denial-of-service attacks, DoS attacks, future network architectures, Human Behavior, increased network traffic, Interest Flooding Attack, interest flooding attacks, Internet, IP networks, named data networking, network architecture, normal IFAs, pubcrawl, Resiliency, Resists, Scalability, SDoS attacks, security, security of data, Synergetic Denial-of-Service, telecommunication network routing, telecommunication network topology, telecommunication security, telecommunication traffic, underwater acoustic communication, Underwater Networks, underwater sensor networks, UWSN, Wireless sensor networks
AbstractDue to the harsh environment and energy limitation, maintaining efficient communication is crucial to the lifetime of Underwater Sensor Networks (UWSN). Named Data Networking (NDN), one of future network architectures, begins to be applied to UWSN. Although Underwater Named Data Networking (UNDN) performs well in data transmission, it still faces some security threats, such as the Denial-of-Service (DoS) attacks caused by Interest Flooding Attacks (IFAs). In this paper, we present a new type of DoS attacks, named as Synergetic Denial-of-Service (SDoS). Attackers synergize with each other, taking turns to reply to malicious interests as late as possible. SDoS attacks will damage the Pending Interest Table, Content Store, and Forwarding Information Base in routers with high concealment. Simulation results demonstrate that the SDoS attacks quadruple the increased network traffic compared with normal IFAs and the existing IFA detection algorithm in UNDN is completely invalid to SDoS attacks. In addition, we analyze the infection problem in UNDN and propose a defense method Trident based on carefully designed adaptive threshold, burst traffic detection, and attacker identification. Experiment results illustrate that Trident can effectively detect and resist both SDoS attacks and normal IFAs. Meanwhile, Trident can robustly undertake burst traffic and congestion.
Citation Keyli_synergetic_2020