dc.description.abstract |
In connected vehicular ecosystem, multimedia data sharing is rapidly increasing and it has
emerged as a crucial aspect of Vehicular Ad-hoc Network (VANET). Traditional TCP/IP
network model is found inappropriate to cope with high mobility, network volatility and
intermittent connectivity between vehicular nodes. During the last few years, Named Data
Network (NDN) has been considered as a promising candidate for efficient and seamless
connectivity between vehicular nodes. Vehicular Named Data Network (VNDN) has been
used to handle intermittent connectivity between vehicles, mobility, seamless connectivity
and scalability problems in host-centric VANET environment. In VNDN, communication
takes place on the basis of name instead of host IP address mechanism. Moreover,
communication between vehicles follows pull based approach, i.e., data packets are
generated on demand to prevent network from overloading. However, there are certain
security challenges in a VNDN environment. These challenges are Denial-of-Service
(DoS) Attacks, Cache related attacks, timing attacks, Interest Flooding Attack (IFA) etc.
This research work focuses on Interest Flooding Attack (IFA) in a VNDN scenario.
In IFA, attacker(s) generates malicious Interest packets with non-existent prefix to exhaust
network resources and cause Interest packet flooding across the network. This thesis has
proposed a novel attack mitigation scheme to counter this problem. The proposed Priority
based per-flow Interest rate monitoring scheme determines suspicious flow of malicious
incoming Interest packets in attacked vehicles. Moreover, proposed attack mitigation
method comprises three different phases, i.e., attack detection, recovery and prevention, to
prevent VNDN scenario from shutting down. Detection phase identifies suspicious flow of
incoming Interest packets while attack recovery phase back tracks attacker vehicle(s). The
proposed research scheme has introduced attack prevention phase to limit scalability of
IFA in a VNDN scenario. A priority flag is assigned to incoming flow of Interest packets
that detects IFA. The priority of incoming Interest packet flow is calculated on the basis of
various parameters, i.e., Average Interest transmission rate, Interest Satisfaction Rate,
Interest packet retransmission count, Interest Satisfaction Ratio (ISR), number of hop
x
traversed, cache hit/miss ratio and Interest packet transmission delay. The aforementioned
metrics are considered to avoid false attack detection and rejection of legitimate Interest
packets.
Repeated Simulations show that proposed IFA mitigation scheme outperforms prior perface Interest rate limiting solutions in terms of improved Interest Satisfaction rate, cache
hit ratio and ISR during attack window. Besides this, proposed research model also
maintains low rate of Pending Interest Table (PIT) utilization, packet collisions, Interest
packets retransmission count, end-to-end delay and ratio of Unsatisfied Interest packets.
Furthermore, scalability of proposed research strategy is also evaluated by changing
density of attackers at real-time. Moreover in proposed attack mitigation model, rate of
incoming legitimate Interest packets increases by reducing drop rate of valid Interest
packets. |
en_US |