Jisuanji kexue yu tansuo (Apr 2021)
Human Immune Defense Theory Merged ICN Secure Routing Mechanism
Abstract
Information-centric networking (ICN) introduces in-network caching mechanism to enable routers to have content caching function, changing the network from IP addressing to content name addressing, aiming to better provide services for content distribution applications. However, interest flooding attack (IFA) will lead to the exhaustion of router resources and make it discard a large number of legitimate interest packets, thus becoming the “bane” of ICN security. Combined with human immune defense theory, a two-stage ICN secure routing mechanism is proposed to resist interest flooding attacks. During the immunization time, non-specific immunization is completed through immune feedback and isolation strategy to prevent the pending interest table (PIT) of the router from being maliciously occupied. However, non-specific immunity cannot alleviate persistent IFA attacks, so further specific immunity is completed through backtracking strategy to form immune memory and completely block interest flooding attacks. Experimental results show that the proposed routing mechanism can effectively resist interest flooding attacks, reduce resource depletion and invalid computation caused by attacks, and ensure network performance.
Keywords