Performance Evaluation of Significant Feature for Interest Flooding Attack Detection on Named Data Networking
Downloads
One of the internet architectures of the future that has advantages over the current system is Named Data Networking (NDN). However, Denial of Service (DoS) attacks, such as interest flooding attacks (IFA), can still disrupt the network. Detecting IFA attacks is crucial for preventing further damage. Several approaches to detection systems have been proposed, including a classification approach to detecting attacks with multiple detection parameters or features. However, the many detection system features that can be extracted from the network result in longer computation times for the classification algorithms. This research focuses on enhancing the detection of IFA by evaluating the features of the detection system and identifying significant features to improve detection accuracy and reduce computation time. We employed various feature selection algorithms, including information gain, wrapper naive Bayes, gain ratio, and correlation-based feature selection (CFS). The selected features are tested to detect attacks using several classification algorithms, including naive Bayes, random forest, J48, and Bayesian network. Our proposed method found only three essential features for detecting IFA from 18 features available, resulting in better detection accuracy and increasing by 47.8% the time to build the model. This study enhances NDN security while reducing computational cost, making real-time attack detection more feasible.
Downloads
[1] Jaffri, Z. ul A., Ahmad, Z., & Tahir, M. (2013). Named Data Networking (NDN), New Approach to Future Internet Architecture Design: A Survey. International Journal of Informatics and Communication Technology (IJ-ICT), 2(3), 155–164. doi:10.11591/ij-ict.v2i3.5122.
[2] NDN. (2025) A Future Internet Architecture, Named Data Networking (NDN), Palo Alto, United States. Available online: https://www.named-data.net (accessed on November 2025)
[3] Afanasyev, A., Burke, J., Refaei, T., Wang, L., Zhang, B., & Zhang, L. (2018). A Brief Introduction to Named Data Networking. MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM), 8599682. doi:10.1109/milcom.2018.8599682.
[4] Saxena, D., Raychoudhury, V., Suri, N., Becker, C., & Cao, J. (2016). Named Data Networking: A survey. Computer Science Review, 19, 15–55. doi:10.1016/j.cosrev.2016.01.001.
[5] Aggarwal, M., Nilay, K., & Yadav, K. (2017). Survey of named data networks: future of internet. International Journal of Information Technology, 9(2), 197–207. doi:10.1007/s41870-017-0014-y.
[6] Kumar, N., Singh, A. K., Aleem, A., & Srivastava, S. (2019). Security Attacks in Named Data Networking: A Review and Research Directions. Journal of Computer Science and Technology, 34(6), 1319–1350. doi:10.1007/s11390-019-1978-9.
[7] Kumar, N., Singh, A. K., & Srivastava, S. (2017). Evaluating machine learning algorithms for detection of interest flooding attack in named data networking. Proceedings of the 10th International Conference on Security of Information and Networks, 299–302. doi:10.1145/3136825.3136864.
[8] Al-Share, R. A., Shatnawi, A. S., & Al-Duwairi, B. (2022). Detecting and Mitigating Collusive Interest Flooding Attacks in Named Data Networking. IEEE Access, 10, 65996–66017. doi:10.1109/access.2022.3184304.
[9] Benmoussa, A., Kerrache, C. A., Lagraa, N., Mastorakis, S., Lakas, A., & Tahari, A. E. K. (2022). Interest Flooding Attacks in Named Data Networking: Survey of Existing Solutions, Open Issues, Requirements, and Future Directions. ACM Computing Surveys, 55(7), 1–37. doi:10.1145/3539730.
[10] Gasti, P., Tsudik, G., Uzun, E., & Zhang, L. (2013). DoS and DDoS in Named Data Networking. 2013 22nd International Conference on Computer Communication and Networks (ICCCN), 1–7. doi:10.1109/icccn.2013.6614127.
[11] Xin, Y., Li, Y., Wang, W., Li, W., & Chen, X. (2016). A Novel Interest Flooding Attacks Detection and Countermeasure Scheme in NDN. 2016 IEEE Global Communications Conference (GLOBECOM), 1–7. doi:10.1109/glocom.2016.7841526.
[12] Xing, G., Li, X., & Hou, R. (2024). A Reconstruction Forest-Based Interest Flooding Attack Detection Method in Named Data Networking. 2024 International Conference on Computing, Networking and Communications (ICNC), 823–829. doi:10.1109/icnc59896.2024.10556003.
[13] Kai Wang, Huachun Zhou, Yajuan Qin, Jia Chen, & Hongke Zhang. (2013). Decoupling malicious Interests from Pending Interest Table to mitigate Interest Flooding Attacks. 2013 IEEE Globecom Workshops (GC Wkshps), 963–968. doi:10.1109/glocomw.2013.6825115.
[14] Tang, J., Zhang, Z., Liu, Y., & Zhang, H. (2013). Identifying Interest Flooding in Named Data Networking. 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, 306–310. doi:10.1109/greencom-ithings-cpscom.2013.68.
[15] Zhi, T., Luo, H., & Liu, Y. (2018). A gini impurity-based interest flooding attack defence mechanism in NDN. IEEE Communications Letters, 22(3), 538–541. doi:10.1109/LCOMM.2018.2789896.
[16] Hou, R., Han, M., Chen, J., Hu, W., Tan, X., Luo, J., & Ma, M. (2019). Theil-Based Countermeasure against Interest Flooding Attacks for Named Data Networks. IEEE Network, 33(3), 116–121. doi:10.1109/MNET.2019.1800350.
[17] Dhiwar, C., Kumari, M. K., Tripathi, N., & Joshi, P. (2025). A Statistical Anomaly Detection Approach to Detect Induced Interest Flooding Attacks in NDN. 2025 17th International Conference on COMmunication Systems and NETworks (COMSNETS), 1305–1310. doi:10.1109/comsnets63942.2025.10885725.
[18] Karami, A., & Guerrero-Zapata, M. (2015). A hybrid multiobjective RBF-PSO method for mitigating DoS attacks in Named Data Networking. Neurocomputing, 151, 1262–1282. doi:10.1016/j.neucom.2014.11.003.
[19] Zhi, T., Liu, Y., Wang, J., & Zhang, H. (2020). Resist Interest Flooding Attacks via Entropy-SVM and Jensen-Shannon Divergence in Information-Centric Networking. IEEE Systems Journal, 14(2), 1776–1787. doi:10.1109/JSYST.2019.2939371.
[20] Afanasyev, A., Mahadevan, P., Moiseenko, I., Uzun, E., & Zhang, L. (2013). Interest flooding attack and countermeasures in named data networking. 2013 IFIP Networking Conference, IEEE, 22-24 May, 2013, Brooklyn, United States.
[21] Mandapati, S. G., Ranaweera, C., & Doss, R. (2024). Advancing NDN Security for IoT: Harnessing Machine Learning to Detect Attacks. 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S), 53–55. doi:10.1109/dsn-s60304.2024.00023.
[22] Benmoussa, A., Tahari, A. el K., Kerrache, C. A., Lagraa, N., Lakas, A., Hussain, R., & Ahmad, F. (2020). MSIDN: Mitigation of Sophisticated Interest flooding-based DDoS attacks in Named Data Networking. Future Generation Computer Systems, 107, 293–306. doi:10.1016/j.future.2020.01.043.
[23] Wu, Z., Feng, W., Yue, M., Xu, X., & Liu, L. (2020). Mitigation measures of collusive interest flooding attacks in named data networking. Computers & Security, 97, 101971. doi:10.1016/j.cose.2020.101971.
[24] Benarfa, A., Hassan, M., Compagno, A., Losiouk, E., Yagoubi, M.B., & Conti, M. (2019). ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN. Wired/Wireless Internet Communications. WWIC 2019. Lecture Notes in Computer Science, vol 11618. Springer, Cham, Switzerland. doi:10.1007/978-3-030-30523-9_5.
[25] Benarfa, A., Hassan, M., Losiouk, E., Compagno, A., Yagoubi, M. B., & Conti, M. (2021). ChoKIFA+: an early detection and mitigation approach against interest flooding attacks in NDN. International Journal of Information Security, 20(3), 269–285. doi:10.1007/s10207-020-00500-z.
[26] Yang, J., Ding, K., Xue, K., Han, J., Wei, D. S. L., Sun, Q., & Lu, J. (2025). HPR-DS: A Hybrid Proactive Reactive Defense Scheme Against Interest Flooding Attack in Named Data Networking. IEEE Transactions on Networking, 33(4), 1854–1869. doi:10.1109/ton.2025.3546547.
[27] Xing, G., Chen, J., Hou, R., Zhou, L., Dong, M., Zeng, D., Luo, J., & Ma, M. (2021). Isolation Forest-Based Mechanism to Defend against Interest Flooding Attacks in Named Data Networking. IEEE Communications Magazine, 59(3), 98–103. doi:10.1109/MCOM.001.2000368.
[28] Joseph K, S. (2024). Multi-classifier and meta-heuristic based cache pollution attacks and interest flooding attacks detection and mitigation model for named data networking. Journal of Experimental & Theoretical Artificial Intelligence, 36(6), 839–864. doi:10.1080/0952813x.2022.2115141.
[29] Kumar, N., Singh, A. K., & Srivastava, S. (2021). Feature selection for interest flooding attack in named data networking. International Journal of Computers and Applications, 43(6), 537–546. doi:10.1080/1206212X.2019.1583820.
[30] Mandala, S., Ramadhan, A. I., Rosalinda, M., Zaki, S. M., & Weippl, E. (2022). DDoS Detection Using Information Gain Feature Selection and Random Forest Classifier. 2022 2nd International Conference on Intelligent Cybernetics Technology & Applications (ICICyTA), 294–299. doi:10.1109/icicyta57421.2022.10038126.
[31] Jupriyadi, & Kistijantoro, A. I. (2014). Vitality based feature selection for intrusion detection. 2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA), 93–96. doi:10.1109/icaicta.2014.7005921.
[32] Miguel-Andrés, I., Ramos-Frutos, J., Sharawi, M., Oliva, D., Reyes-Dávila, E., Casas-Ordaz, Á., Pérez-Cisneros, M., & Zapotecas-Martínez, S. (2024). Wrapper-Based Feature Selection to Classify Flatfoot Disease. IEEE Access, 12, 22433–22447. doi:10.1109/access.2024.3361936.
[33] Naiem, S., Khedr, A. E., Idrees, A. M., & Marie, M. I. (2023). Enhancing the Efficiency of Gaussian Naïve Bayes Machine Learning Classifier in the Detection of DDOS in Cloud Computing. IEEE Access, 11, 124597–124608. doi:10.1109/access.2023.3328951.
[34] Ferdousi, T., Cohnstaedt, L. W., & Scoglio, C. M. (2021). A Windowed Correlation-Based Feature Selection Method to Improve Time Series Prediction of Dengue Fever Cases. IEEE Access, 9, 141210–141222. doi:10.1109/access.2021.3120309.
[35] Garrett, D., Peterson, D. A., Anderson, C. W., & Thaut, M. H. (2003). Comparison of linear, nonlinear, and feature selection methods for EEG signal classification. IEEE Transactions on Neural Systems and Rehabilitation Engineering, 11(2), 141–144. doi:10.1109/tnsre.2003.814441.
[36] Wisanwanichthan, T., & Thammawichai, M. (2021). A Double-Layered Hybrid Approach for Network Intrusion Detection System Using Combined Naive Bayes and SVM. IEEE Access, 9, 138432–138450. doi:10.1109/access.2021.3118573.
[37] Perez-Diaz, J. A., Valdovinos, I. A., Choo, K. K. R., & Zhu, D. (2020). A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning. IEEE Access, 8, 155859–155872. doi:10.1109/ACCESS.2020.3019330.
[38] Ismail, Mohmand, M. I., Hussain, H., Khan, A. A., Ullah, U., Zakarya, M., Ahmed, A., Raza, M., Rahman, I. U., & Haleem, M. (2022). A Machine Learning-Based Classification and Prediction Technique for DDoS Attacks. IEEE Access, 10, 21443–21454. doi:10.1109/access.2022.3152577.
[39] Faruq, Z. F., Mantoro, T., Catur Bhakti, M. A., & Wandy. (2022). Random Forest Classifier Evaluation in DDoS Detection System for Cyber Defence Preparation. 2022 IEEE 8th International Conference on Computing, Engineering and Design, ICCED, 1–5,. doi:10.1109/ICCED56140.2022.10010341.
[40] Yin, H., Xue, M., Xiao, Y., Xia, K., & Yu, G. (2019). Intrusion Detection Classification Model on an Improved k-Dependence Bayesian Network. IEEE Access, 7, 157555–157563. doi:10.1109/access.2019.2949890.
- This work (including HTML and PDF Files) is licensed under a Creative Commons Attribution 4.0 International License.
