Abstract
To detect cache pollution attacks in content-centric networking (CCN), four parameters are taken as the node status parameters under attack: the cache replacement ratio per unit time, the average number of hops per content request, the node traffic, and the steady-state storage ratio of low-popularity content. A fuzzy hierarchy model under attack is built using the fuzzy analytic hierarchy process, from which the impact weight of the attack on each status parameter is determined and the attack impact degree is defined. An attack is then detected by observing the attack impact degree and setting a decision threshold. Simulation results and performance analysis show that the proposed detection algorithm effectively detects the two typical cache pollution attacks, Locality-Disruption and False-Locality. Compared with the main existing detection algorithms, it achieves a higher correct detection ratio and a lower average detection delay.
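The detection pipeline described in the abstract, as an added sketch that is not the paper's code. The judgement matrix, baseline, sample windows and threshold are constructed; the weight formula is the common one for fuzzy complementary judgement matrices, and defining the attack impact degree as a weighted sum of relative deviations from an attack-free baseline is an assumption, since the abstract does not give the paper's formula.

```python
# Added illustration, not the paper's code. All numbers below are constructed.
PARAMS = ["cache_replacement_ratio", "avg_request_hops",
          "node_traffic", "low_popularity_storage_ratio"]

# Constructed fuzzy complementary judgement matrix over PARAMS:
# R[i][j] in [0, 1] says how much more the attack affects i than j,
# with R[i][j] + R[j][i] == 1 and R[i][i] == 0.5.
R = [[0.5, 0.6, 0.7, 0.4],
     [0.4, 0.5, 0.6, 0.3],
     [0.3, 0.4, 0.5, 0.2],
     [0.6, 0.7, 0.8, 0.5]]

def fahp_weights(r):
    """Weights from a fuzzy complementary matrix: (row sum + n/2 - 1) / (n(n-1))."""
    n = len(r)
    for i in range(n):
        for j in range(n):
            if not 0.0 <= r[i][j] <= 1.0 or abs(r[i][j] + r[j][i] - 1.0) > 1e-9:
                raise ValueError(f"matrix is not fuzzy complementary at ({i}, {j})")
    return [(sum(row) + n / 2 - 1) / (n * (n - 1)) for row in r]

def impact_degree(sample, baseline, weights):
    """Assumed definition: weighted sum of relative deviations from baseline."""
    return sum(w * abs(sample[p] - baseline[p]) / baseline[p]
               for p, w in zip(PARAMS, weights))

def detect(windows, baseline, weights, threshold):
    """Return indices of observation windows whose impact degree exceeds threshold."""
    return [i for i, s in enumerate(windows)
            if impact_degree(s, baseline, weights) > threshold]

def _window(crr, hops, traffic, low_pop):
    return dict(zip(PARAMS, (crr, hops, traffic, low_pop)))

BASELINE = _window(0.10, 3.0, 200.0, 0.20)   # constructed attack-free averages
WINDOWS = [_window(0.11, 3.1, 205.0, 0.21),  # normal fluctuation
           _window(0.10, 2.9, 198.0, 0.19),
           _window(0.25, 4.2, 290.0, 0.55),  # constructed pollution-like shift
           _window(0.28, 4.5, 310.0, 0.60)]
THRESHOLD = 0.5                              # constructed decision threshold

if __name__ == "__main__":
    w = fahp_weights(R)
    for i, s in enumerate(WINDOWS):
        print(i, round(impact_degree(s, BASELINE, w), 3))
    print("flagged windows:", detect(WINDOWS, BASELINE, w, THRESHOLD))
```

In practice the threshold trades correct detection ratio against false alarms and detection delay, so it would be tuned on attack-free traffic from the node being monitored.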