Dual‐collaborative DoS/DDoS mitigation approach in information‐centric mobile Internet

Summary The amount of wireless traffic is increasing at an overwhelming speed. Information‐centric networking (ICN) has been proposed as a promising Future Internet Architecture, which can reduce network traffic by putting data objects toward the edge. It is expected that in information‐centric mobi...

Full description

Saved in:
Bibliographic Details
Published in:International journal of communication systems 2020-03, Vol.33 (4), p.n/a
Main Authors: Chen, Jia, Jia, Haiyu, Liu, Qi
Format: Article
Language:English
Subjects:
Algorithms
Collaboration
collaborative
Communications traffic
Computer simulation
Core wire
Denial of service attacks
DoS/DDoS mitigation
information centric
Internet
mobile Internet
Traffic speed
Wireless networks
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Summary The amount of wireless traffic is increasing at an overwhelming speed. Information‐centric networking (ICN) has been proposed as a promising Future Internet Architecture, which can reduce network traffic by putting data objects toward the edge. It is expected that in information‐centric mobile Internet (ICMI), the wireless traffic can be significantly reduced. Yet, DoS/DDoS attack becomes a critical issue in ICMI by causing wireless gateway blockade. To tackle the problem, we propose a dual‐collaborative DoS/DDoS mitigation approach (DCMA) and advanced DCMA to protect wireless gateways. In the algorithm, the attackers' visiting information including international mobile equipment identity (IMEI) and data object name (DON) are analyzed jointly to accurately identify potential attackers through the collaboration between the Internet and mobile network. In addition, the attacker's behaviors are analyzed centrally, and security strategies are applied distributively throughout wireless edge through the collaboration between wireless core network (CN) and radio access network (RAN). Extensive simulations are performed to verify the effectiveness of the proposed algorithms. The results demonstrate that advanced DCMA can achieve high DDoS and attacker detection probability and small false positive probability. For mitigating DoS/DDoS attacks for wireless gateway blockade in information‐centric mobile Internet, DCMA is proposed, which includes the collaboration between wireless networks and the Internet and the collaboration between wireless CN and RAN. An advanced DCMA algorithm is proposed, which uses the variations of both nonexisting data object name (DON) request volume and entropy for accurately identifying the DoS/DDoS attacks the attackers. Extensive simulations demonstrate the effectiveness of the proposed algorithm in achieving high DoS/DDoS attack and attackers' detection probability and low false positive probability.
ISSN:1074-5351
1099-1131
DOI:10.1002/dac.4241