Detection of interest flooding attacks in Named Data Networking using hypothesis testing

With the rapid growth of Internet traffic, new emerging network architectures are under deployment. Those architectures will substitute the current IP/TCP network only if they can ensure better security. Currently, the most advanced proposal for future Internet architecture is Named Data Networking (NDN). However, new computer network architectures bring new types of attacks. This paper focuses on the detection against Interest flooding - one of the most threatening attacks in NDN. The statistical detection is studied within the framework of hypothesis testing. First, we address the case in which all traffic parameters are known. In this context, the optimal test is designed and its statistical performance is given. This allows providing an upper bound on the highest detection accuracy one can expect. Then, a linear parametric model is proposed to estimate unknown parameters and to design a practical test for which the statistical performance is also provided. Numerical results show the relevance of the proposed methodology.