内容中心网络中基于多样化存储的缓存污染防御机制

doi:10.11772/j.issn.1001-9081.2015.06.1688

计算机应用 ›› 2015, Vol. 35 ›› Issue (6): 1688-1692.DOI: 10.11772/j.issn.1001-9081.2015.06.1688

内容中心网络中基于多样化存储的缓存污染防御机制

郑林浩, 汤红波, 葛国栋

国家数字交换系统工程技术研究中心, 郑州 450002

收稿日期:2015-01-04 修回日期:2015-02-11 发布日期:2015-06-12
通讯作者: 郑林浩(1991-),男,河南辉县人,硕士研究生,主要研究方向:移动互联网、移动通信;zlh5268@163.com
作者简介:汤红波(1968-),男,湖北孝感人,教授,主要研究方向:可移动网络、移动通信;葛国栋(1985-),男,陕西咸阳人,博士研究生,主要研究方向:可移动网络、移动通信。
基金资助:
国家973计划项目(2012CB315901);国家自然科学基金资助项目(61372121)。

Cache pollution attack defense scheme based on cache diversification in content centric networking

ZHENG Linhao, TANG Hongbo, GE Guodong

National Digital Switching System Engineering and Technological Research and Development Center, Zhengzhou Henan 450002, China

Received:2015-01-04 Revised:2015-02-11 Published:2015-06-12

摘要/Abstract

摘要：

针对内容中心网络(CCN)中的缓存污染攻击问题,提出一种基于多样化存储的缓存污染防御机制。对不同业务内容采取差异化缓存从而减小网络受攻击面,将业务划分为三类并采用不同缓存策略:对隐私及实时性业务不予缓存;对流媒体业务以概率推送至网络边缘缓存;对其他文件类内容业务由上游到边缘逐步推送缓存。在不同节点分别配置不同的缓存污染攻击防御手段:对于边缘节点通过内容请求到达概率的变化对攻击进行检测;对于上游节点通过设置过滤规则将请求概率较低的内容排除出缓存空间。仿真结果表明,相比CNN传统缓存策略下的防御效果,该机制使网络平均缓存命中率提高了17.3%,该机制能够有效提升网络对于缓存污染攻击的防御能力。

关键词: 内容中心网络, 缓存污染攻击, 缓存策略, 业务多样化, 防御机制

Abstract:

In order to deal with the cache pollution attacks in Content Centric Networking (CCN), a defense scheme based on cache diversification was proposed. To reduce the attack scope, the in-network content services were divided into three categories and different cache strategies were used for different services. For private and real-time services, contents were directly delivered without being cached; for streaming media services, contents were pushed to be cached in the edge of network according to probablity; for document services, the priority was caching contents in the upstream, then pushing them to the downstream. Then different defense methods were configured on different nodes. For the edge nodes, attacks were detected by observing the request probability variation of different contents; for the upstream nodes, contents with low request rate were ruled out from the cache space by setting filter rules. The simulation results show that the network average hit ratio under service diversification mechanism is 17.3% higher than that under CCN with traditional caching strategies.The proposed scheme can effectively improve the defense capability of the network for the cache pollution attack.

Key words: Content Centric Networking (CCN), cache pollution attack, cache strategy, service diversification, defense mechanism

中图分类号:

TP393

郑林浩, 汤红波, 葛国栋. 内容中心网络中基于多样化存储的缓存污染防御机制[J]. 计算机应用, 2015, 35(6): 1688-1692.

ZHENG Linhao, TANG Hongbo, GE Guodong. Cache pollution attack defense scheme based on cache diversification in content centric networking[J]. Journal of Computer Applications, 2015, 35(6): 1688-1692.

参考文献

[1] Cisco visual networking index: global mobile data traffic forecast update 2013-2017 [R/OL]. [2009-11-17]. http//www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white-paper-c11-520862.
[2] XYLOMENOS G, VERVERIDIS C, SIRIS V, et al. A survey of information-centric networking research[J]. IEEE Communications Surveys and Tutorials, 2014, 16(2): 1024-1049.
[3] CHAABANE A, CRISTOFARO E D, KAAFAR M A, et al. Privacy in content-oriented networking: threats and countermeasures [J]. ACM SIGCOMM Computer Communication Review, 2013, 43(3): 25-33.
[4] LAUINGER T. Security and scalability of content-centric networking [D]. Darmstadt: Technische Universität Darmstadt, 2010.
[5] AFANASYEV A, MAHADEVAN P, MOISEENKO I, et al. Interest flooding attack and countermeasures in named data networking [C]//Proceedings of the 2013 IFIP Networking Conference. Piscataway: IEEE, 2013: 1-9.
[6] KIM Y, YEOM I. Performance analysis of in-network caching for content-centric networking [J]. Computer Networks, 2013, 57(13): 2465-2482.
[7] CONTI M, GASTI P, TEOLI M. A lightweight mechanism for detection of cache pollution attacks in named data networking [J]. Computer Networks, 2013, 57(16): 3178-3191.
[8] PARK H, WIDJAJA I, LEE H. Detection of cache pollution attacks using randomness checks [C]//Proceedings of the 2012 IEEE International Conference on Communications. Piscataway: IEEE, 2012: 1096-1100.
[9] XIE M, WIDJAJA I, WANG H. Enhancing cache robustness for content-centric networking [C]//2012 Proceedings IEEE INFOCOM. Piscataway: IEEE, 2012: 2426-2434.
[10] SANDBERG A, EKLÖV D, HAGERSTEN E. Reducing cache pollution through detection and elimination of non-temporal memory accesses [C]//Proceedings of the 2010 ACM/IEEE International Conference for High Performance Computing, Networking, Storage and Analysis. Washington DC: IEEE Computer Society, 2010: 1-11.
[11] LI H B, LI Y, LIN T, et al. MERTS: a more efficient real-time traffic support scheme for content centric networking [C]//Proceedings of the 2011 6th International Computer Sciences and Convergence Information Technology. Piscataway: IEEE, 2011: 528-533.
[12] FRICKER C, ROBERT P, ROBERTS J, et al. Impact of traffic mix on caching performance in a content-centric network [C]//Proceedings of the 31th Annual International Conference on Computer Communications Workshops. Piscataway: IEEE, 2012: 310-315.
[13] CAROFIGLIO G, GALLO M, MUSCARIELLO L, et al. Evaluating per-application storage management in content-centric networks [J]. Computer Communications, 2013, 36(7): 750-757.
[14] PSARAS I, CHAI W K, PAVLOU G. Probabilistic in-network caching for information-centric networks [C]//Proceedings of the Second Edition of the ICN Workshop on Information-Centric Networking. New York: ACM, 2012: 55-60.
[15] CHAABANE A, CRISTOFARO E D, KAAFAR M A, et al. Privacy in content-oriented networking: threats and countermeasures [J]. ACM SIGCOMM Computer Communication Review, 2013, 43(3): 25-33.
[16] PSARAS I, CLEGG R G, LANDA R, et al. Modelling and evaluation of CCN-caching trees [C]//Proceedings of the 10th International IFIP TC6 Networking Conference on NETWORKING 2011, LNCS 6640. Berlin: Springer, 2011: 78-91.

内容中心网络中基于多样化存储的缓存污染防御机制

Cache pollution attack defense scheme based on cache diversification in content centric networking

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

[1]	熊炼, 李朋明, 陈翔, 朱红梅. 内容中心网络中基于用户偏好的协作缓存策略[J]. 计算机应用, 2018, 38(12): 3509-3513.
[2]	杜金莲张雪. 三维地形模型流式传输方法[J]. 计算机应用, 2010, 30(10): 2661-2664.