Interest Flooding Attacks in Named Data Networking and Mitigations: Recent Advances and Challenges

Simeon Ogunbunmi, Yu Chen (), Qi Zhao, Deeraj Nagothu, Sixiao Wei, Genshe Chen and Erik Blasch
Additional contact information
Simeon Ogunbunmi: Department of Electrical and Computer Engineering, Binghamton University, Binghamton, NY 13902, USA
Yu Chen: Department of Electrical and Computer Engineering, Binghamton University, Binghamton, NY 13902, USA
Qi Zhao: Intelligent Fusion Technology, Inc., Germantown, MD 20874, USA
Deeraj Nagothu: Intelligent Fusion Technology, Inc., Germantown, MD 20874, USA
Sixiao Wei: Intelligent Fusion Technology, Inc., Germantown, MD 20874, USA
Genshe Chen: Intelligent Fusion Technology, Inc., Germantown, MD 20874, USA
Erik Blasch: Air Force Research Laboratory, Arlington, VA 22203, USA

Future Internet, 2025, vol. 17, issue 8, 1-21

Abstract: Named Data Networking (NDN) represents a promising Information-Centric Networking architecture that addresses limitations of traditional host-centric Internet protocols by emphasizing content names rather than host addresses for communication. While NDN offers advantages in content distribution, mobility support, and built-in security features, its stateful forwarding plane introduces significant vulnerabilities, particularly Interest Flooding Attacks (IFAs). These IFA attacks exploit the Pending Interest Table (PIT) by injecting malicious interest packets for non-existent or unsatisfiable content, leading to resource exhaustion and denial-of-service attacks against legitimate users. This survey examines research advances in IFA detection and mitigation from 2013 to 2024, analyzing seven relevant published detection and mitigation strategies to provide current insights into this evolving security challenge. We establish a taxonomy of attack variants, including Fake Interest, Unsatisfiable Interest, Interest Loop, and Collusive models, while examining their operational characteristics and network performance impacts. Our analysis categorizes defense mechanisms into five primary approaches: rate-limiting strategies, PIT management techniques, machine learning and artificial intelligence methods, reputation-based systems, and blockchain-enabled solutions. These approaches are evaluated for their effectiveness, computational requirements, and deployment feasibility. The survey extends to domain-specific implementations in resource-constrained environments, examining adaptations for Internet of Things deployments, wireless sensor networks, and high-mobility vehicular scenarios. Five critical research directions are proposed: adaptive defense mechanisms against sophisticated attackers, privacy-preserving detection techniques, real-time optimization for edge computing environments, standardized evaluation frameworks, and hybrid approaches combining multiple mitigation strategies.

Keywords: Named Data Networking (NDN); Interest Flooding Attacks (IFA); Information-Centric Networking (ICN); Network Security; Denial of Service (DoS) Attacks; Content-Centric Security (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2025
References: Add references at CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/1999-5903/17/8/357/pdf (application/pdf)
https://www.mdpi.com/1999-5903/17/8/357/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:17:y:2025:i:8:p:357-:d:1719194

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().