In order to deal with the cache pollution attacks in Content Centric Networking (CCN), a defense scheme based on cache diversification was proposed. To reduce the attack scope, the in-network content services were divided into three categories and different cache strategies were used for different services. For private and real-time services, contents were directly delivered without being cached; for streaming media services, contents were pushed to be cached in the edge of network according to probablity; for document services, the priority was caching contents in the upstream, then pushing them to the downstream. Then different defense methods were configured on different nodes. For the edge nodes, attacks were detected by observing the request probability variation of different contents; for the upstream nodes, contents with low request rate were ruled out from the cache space by setting filter rules. The simulation results show that the network average hit ratio under service diversification mechanism is 17.3% higher than that under CCN with traditional caching strategies.The proposed scheme can effectively improve the defense capability of the network for the cache pollution attack.
A method of object detection with few samples based on two-stage voting was proposed to detect objects using template matching method while there are only a few samples. Firstly, the voting space was constructed off-line by using probability model through several samples. Then, a method of two-stage voting was used to detect objects in testing images. In the first stage, the components of object from testing image were detected, and the positions of components in query image were saved. In the second stage, the similarity of the object was computed integrally based on the components. According to the theory analysis and experimental results, the proposed method obtains lower computation complexity and higher precisions than previous works.
In order to manage the whole network, a novel traffic model was proposed based on the regression formula method. The core of model had three parts: (1) acquiring the delay by injecting probe packet train into the network based on Internet Protocol Measurement Protocol (IPMP); (2) deducing regression formula according to M/M/1 queue model; (3) acquiring the path by active measurement. In order to compute regression formula, the coefficients were acquired by the least square method. It is proved that the regression formula method is effective, and the competed traffic error is within 30% by regress formula.