ABSTRACT
With the boom in the technology with Internet of Things (IoT) nowadays, the need to reevaluate the traditional network using named data networking (NDN) is emerging and is becoming more and more popular. The traditional Transmission Control Protocol/Internet Protocol (TCP/IP) network is vulnerable to several known IP-related attacks. Although NDN addresses IP-related attacks, it still has some vulnerabilities; i.e., it is not free from name-spoofed flooding attacks and hard to maintain a routing table on a large scale. In this chapter, we focus on utilizing machine learning (ML) technology in an NDN-based IoT search engine (IoTSE) to study how to detect interest flooding attacks (IFA). Our approach begins with utilizing Network Simulator (ns3) to generate two IFA scenarios that focus on centralized attacking strategies in small- and large-scale simulations. Our evaluations specify the number of legitimate and adversaries’ users (one-to-one, one-to-many, many-to-many) with the IoTSE at the center of the network. By utilizing different link configurations, our evaluation results indicate that the level of impact of the IFA is significant. With the support of our evaluation environment, we obtain a dataset with two features (the number of sent packets and the label of attack), in which we simplify the problem to become a biclassification task. Our experimental results demonstrate that most of the machine learning (ML) models can learn well with this dataset and make good predictions, whereas the linear-based models do not handle the training process well, especially when the dataset volume increases tremendously.
