SmartDetour: Defending Blackhole and Content Poisoning Attacks in IoT NDN Networks

Yinuo Feng CSC466

2022.10.03

1. The Problem(s)

The main problem addressed in this paper concerns NDN, a networking paradigm used to support the Internet of Things. Because of its data-based framework, attacks against this framework have appeared, namely black hole attacks and content poisoning attacks. This question was important at the time of publication because existing methods could not effectively handle both attacks. It is still important, since NDN is undoubtedly important as a networking paradigm that will be heavily used for the Internet of Things.

2. Main Idea(s)

This paper introduces a defense mechanism called SmartDetour, which deals with black hole attacks and cache poisoning attacks in a distributed manner. The method consists of two parts. The first part is a credit algorithm for data-receiving candidates that is actively updated, and the second part is the mechanism that calculates the probability of reception and forwards the data according to the algorithm. The first part calculates the probability of receiving a packet, a value that changes with the current situation, and the second part transmits the packet with maximum efficiency.
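The two parts described above can be pictured with a small simulation, added here as an illustration and not taken from the paper: a credit table that is updated after every forwarding attempt, and a forwarder that picks the next hop with probability proportional to credit. The update rule, the constants and the hop names A, B and C are assumptions, not SmartDetour's own algorithm.

```python
import random

# Assumed credit bounds; the floor keeps a penalised hop selectable so it can recover.
FLOOR, CAP = 0.01, 1.0

def forward_probs(credit):
    """Forwarding probability of each next hop, proportional to its credit."""
    total = sum(credit.values())
    return {hop: c / total for hop, c in credit.items()}

def update(credit, hop, ok):
    """Assumed rule: additive reward for valid Data, halving on loss or bad Data."""
    if ok:
        credit[hop] = min(CAP, credit[hop] + 0.1)
    else:
        credit[hop] = max(FLOOR, credit[hop] * 0.5)

def simulate(behaviour, interests=2000, seed=1):
    """behaviour maps hop -> 'honest' | 'blackhole' | 'poison' (constructed input)."""
    rng = random.Random(seed)
    credit = {hop: 0.5 for hop in behaviour}   # every hop starts with equal credit
    delivered = 0
    for _ in range(interests):
        probs = forward_probs(credit)
        hop = rng.choices(list(probs), weights=list(probs.values()))[0]
        # blackhole: the Interest times out; poison: the Data fails verification.
        ok = behaviour[hop] == "honest"
        update(credit, hop, ok)
        delivered += ok
    return forward_probs(credit), delivered / interests

if __name__ == "__main__":
    probs, ratio = simulate({"A": "honest", "B": "blackhole", "C": "poison"})
    print({hop: round(p, 3) for hop, p in probs.items()}, round(ratio, 3))
```

Because the floor never lets a credit reach zero, a hop that was penalised by mistake is still chosen occasionally and can climb back, which is the recovery behaviour questioned in sections 4 and 5.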

3. Major Strengths

First of all, it has a lower packet loss rate compared to MDFP and ROM, that is, other solutions proposed previously. This is very important because, while ensuring security, whether the data is actually transmitted is also a key point to consider. Second, it is more efficient: according to the authors' experiments, MDFP causes unnecessary hops, but since SmartDetour includes a probabilistic algorithm that is actively updated, packets are delivered to the highest-rated targets. This is also very important, because too much inefficiency can lead to timeouts and a lot of inconvenience at the application level. Third, in the authors' simulation experiments, SmartDetour successfully detects 98.6% of the attackers, which is very important because wrong detection will consume more resources.

4. Major Weaknesses

First, since transmission is probabilistically selective, if the highest-credit packet is incorrectly marked as an attacker and its reputation is reduced, is it possible that the second-ranked packet could be an attacker and cause data to be lost or compromised? Second, the authors' experiment contains at least 2000 data packets, but NDN is a networking paradigm that may be deployed globally to support IoT, so can SmartDetour support the transmission of a larger amount of data? Third, since the credit rating is restored after the identification error is found, will the detection time in the case of a large amount of data be too long and eventually time out, resulting in packet loss?

5. Possible Improvement

Restoring the credit rating after misidentification requires additional actions. Is it possible to delay recovery and save time by consolidating recovery operations? At the same time, if the data transfer completes before the delay count is reached, the time to recover the data packet will be saved.