This research investigates Interest Flooding and Cache Poisoning attacks in Named Data Networking (NDN), a content-centric architecture vulnerable to at tacks despite its built-in security features. The study addresses critical gaps in NDN security by analyzing attack impacts across hierarchical Tree and mesh DFN topolo gies using Mini-NDN with NDN Forwarding Daemon components. Comprehensive datasets containing over 133,000 entries were generated, cap turing network metrics during normal and attack conditions. Analysis revealed the Tree topology handled higher traffic volumes (100,128 vs 33,192 packets) while DFNshowed higher proportions of attack traffic (42.44% vs 36.44%). Three machine learning algorithms—Random Forest, Decision Tree, and K Nearest Neighbors—were evaluated for attack detection and mitigation. All three achieved near-perfect performance (F1 Score 1.0000 on Tree topology and 0.9998 on DFN topology), significantly outperforming rule-based approaches. The im provement was particularly notable on the DFN topology, with a 15.78% increase in F1 Score compared to 6.10% on Tree topology. The machine learning systems eliminated false positives entirely (reduced from 6.99% to 0% on Tree and from 23.31% to 0% on DFN) while maintaining 100% attack detection on Tree and 99.97% on DFN. Feature importance analysis identi f ied size ratio and packet size as the most critical detection parameters across both topologies. This research contributes to NDN security through comparative analysis of at tack mitigation across different topologies, highly effective machine learning mod els, identification of critical detection features, and practical strategies that enhance NDNresilience while preserving legitimate traffic.
Keywords: Named Data Networking; Interest Flooding; Cache Poisoning; Attack mitigation; Tree Topology; DFN topology; Machine Learning; Random Forest; De cision Tree; K-Nearest Neighbors