Sci Rep. 2026 Jun 24. doi: 10.1038/s41598-026-58988-9. Online ahead of print.
ABSTRACT
Named Data Networking (NDN) represents a paradigm shift toward content-centric architectures but remains critically vulnerable to Interest Flooding Attacks (IFAs), where malicious actors overwhelm router Pending Interest Tables with spurious requests, causing service degradation and denial-of-service. To address the limitations of existing approaches, including high false positives in threshold-based methods and substantial overhead in centralized learning, we propose FL-IFAshield, a novel federated learning framework for adaptive IFA mitigation. Our solution integrates dynamic Poisson-EMA thresholding for accurate flood detection, entropy-aware federated aggregation to handle non-IID traffic distributions across edge routers, and Byzantine-robust mechanisms with differential privacy guarantees. Comprehensive evaluation on the FIT/IoT-LAB testbed with 100 routers demonstrates exceptional performance: 93.1% F1-score in attack detection, only 5% false positives, 28 ms average end-to-end latency ([Formula: see text]), and over 90% legitimate Interest Satisfaction Ratio under sophisticated collusive attacks, while maintaining minimal computational overhead (<9% CPU utilization on ARMv8 routers). FL-IFAshield significantly improves security performance, offering 35% higher accuracy than static thresholding and 60% lower communication overhead than centralized approaches. While simpler heuristic baselines naturally incur marginally lower computational footprints, our solution delivers the optimal overall operational balance among high precision, low end-to-end latency ([Formula: see text]), and resource efficiency in constrained edge computing environments.
PMID:42342794 | DOI:10.1038/s41598-026-58988-9
