IET Information Security (May 2023)

MF‐RF: A detection approach based on multi‐features and random forest algorithm for improved collusive interest flooding attack

  • Meng Yue,
  • Silin Peng,
  • Wenzhi Feng

DOI
https://doi.org/10.1049/ise2.12100
Journal volume & issue
Vol. 17, no. 3
pp. 360 – 376

Abstract

Read online

Abstract A new type of Collusive Interest Flooding Attack (CIFA), Improved Collusive Interest Flooding Attack (I‐CIFA), which originates from CIFA with a stronger concealment, higher attack effect, lower attack cost, and wider attack range in Named Data Networking (NDN). In order to detect this attack, the present study explores new detection features and establishes a sample set of attack features with different granularities, and accordingly, the Pearson coefficient is used to validate the correlation between the proposed features and the network states. Finally, the Random Forest model is designed to detect the I‐CIFA attack. To evaluate the performance of the approach, extensive experiments are conducted in ndnSIM platform. Test results show that the proposed detection approach outperforms other existing approaches with a detection rate of 98.1%, error rate of 1.9%, and false positive rate of 1.5%.