Needle in a Haystack: Mitigating Content Poisoning in Named-Data Networking
نویسندگان
چکیده
Named-Data Networking (NDN) is a candidate next-generation Internet architecture designed to address some limitations of the current IP-based Internet. NDN uses the pull model for content distribution, whereby content is first explicitly requested before being delivered. Efficiency is obtained via routerbased aggregation of closely spaced requests for popular content and content caching in routers. Although it reduces latency and increases bandwidth utilization, router caching makes the network susceptible to new cache-centric attacks, such as content poisoning. In this paper, we propose a ranking algorithm for cached content that allows routers to distinguish good and (likely) bad content. This ranking is based on statistics collected from consumers’ actions following delivery of content objects. Experimental results support our assertion that the proposed ranking algorithm can effectively mitigate content poisoning attacks.
منابع مشابه
An ANFIS-based cache replacement method for mitigating cache pollution attacks in Named Data Networking
Named Data Networking (NDN) is a candidate next-generation Internet architecture designed to overcome the fundamental limitations of the current IP-based Internet, in particular strong security. The ubiquitous in-network caching is a key NDN feature. However, pervasive caching strengthens security problems namely cache pollution attacks including cache poisoning (i.e., introducing malicious con...
متن کاملA hybrid multiobjective RBF-PSO method for mitigating DoS attacks in Named Data Networking
Named Data Networking (NDN) is a promising network architecture being considered as a possible replacement for the current IP-based (host-centric) Internet infrastructure. NDN can overcome the fundamental limitations of the current Internet, in particular, Denial-of-Service (DoS) attacks. However, NDN can be subject to new type of DoS attacks namely Interest flooding attacks and content poisoni...
متن کاملContent-Centric Networking: Effect of Content Caching on Mitigating DoS Attack
Content-Centric Networking (CCN) is a novel networking paradigm making named data the first class entity rather than IP address. That is, it cares about which data to fetch rather than which host to reach. One key feature of CCN is the content caching that CCN routers are caching named contents instead of IP addresses, which makes the effect of Denial-of-Service (DoS) attack different from in T...
متن کاملThe Needles-in-Haystack Problem
We consider a new data mining problem of detecting the members of a rare class of data, the needles, that have been hidden in a set of records, the haystack. Besides the haystack, a single instance of a needle is given. It is assumed that members of the needle class are similar according to an unknown needle characterization. The goal is to find the needle records hidden in the haystack. This p...
متن کاملSecurity and Privacy Issues in Content-Centric Networking
Security and Privacy Issues in Content-Centric Networking By Cesar Ghali Doctor of Philosophy in Networked Systems University of California, Irvine, 2016 Professor Gene Tsudik, Chair Content-Centric Networking (CCN) is a networking paradigm alternative to today’s IP-based Internet Architecture. One fundamental goal of CCN is to include security and privacy as part of its design. CCN adheres to ...
متن کامل