An ANFIS-based cache replacement method for mitigating cache pollution attacks in Named Data Networking

Article English OPEN
Karami, Amin ; Guerrero-Zapata, Manel (2015)
  • Publisher: Elsevier
  • Related identifiers: doi: 10.1016/j.comnet.2015.01.020
  • Subject: False-locality | ANFIS | Cache replacement | Computer networks -- Security measures | Locality-disruption | Named Data Networking | :Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors [Àrees temàtiques de la UPC] | Ordinadors, Xarxes d' -- Mesures de seguretat
    acm: Hardware_MEMORYSTRUCTURES

Named Data Networking (NDN) is a candidate next-generation Internet architecture designed to overcome the fundamental limitations of the current IP-based Internet, in particular strong security. The ubiquitous in-network caching is a key NDN feature. However, pervasive caching strengthens security problems namely cache pollution attacks including cache poisoning (i.e., introducing malicious content into caches as false-locality) and cache pollution (i.e., ruining the cache locality with new unpopular content as locality-disruption). In this paper, a new cache replacement method based on Adaptive Neuro-Fuzzy Inference System (ANFIS) is presented to mitigate the cache pollution attacks in NDN. The ANFIS structure is built using the input data related to the inherent characteristics of the cached content and the output related to the content type (i.e., healthy, locality-disruption, and false-locality). The proposed method detects both false-locality and locality-disruption attacks as well as a combination of the two on different topologies with high accuracy, and mitigates them efficiently without very much computational cost as compared to the most common policies. Peer Reviewed
  • References (44)
    44 references, page 1 of 5

    [1] Jacobson, V., Smetters, D.K., Thornton, J.D., Plass, M.F., Briggs, N.H., Braynard, R.L.. Networking named content. In: Proceedings of the 5th international conference on Emerging networking experiments and technologies. ACM; 2009, p. 1 - 12.

    [2] Zhang, G., Li, Y., Lin, T.. Caching in information centric networking: A survey. Computer Networks 2013;57(16):3128 - 3141.

    [3] Sourlas, V., Flegkas, P., Tassiulas, L.. A novel cache aware routing scheme for information-centric networks. Computer Networks 2014;59:44 - 61.

    [4] Karami, A., Guerrero-Zapata, M.. A fuzzy anomaly detection system based on hybrid pso-kmeans algorithm in content-centric networks. Neurocomputing 2015;149(Part C):1253 - 1269.

    [5] qing Wang, G., Huang, T., Liu, J., ya Chen, J., jie Liu, Y.. Modeling in-network caching and bandwidth sharing performance in information-centric networking. The Journal of China Universities of Posts and Telecommunications 2013;20(2):99 - 105.

    [6] Dannewitz, C., Kutscher, D., Ohlman, B., Farrell, S., Ahlgren, B., Karl, H.. Network of information (netinf) an informationcentric networking architecture. Computer Communications 2013;36(7):721 - 735.

    [7] Zhang, L., Estrin, D., Burke, J., Jacobson, V., Thornton, J., Smetters, D.K., et al. Named data networking (ndn) project. Tech. Rep. PARC TR-2010-3; Palo Alto Research Center; 2010.

    [8] Karami, A., Guerrero-Zapata, M.. A hybrid multiobjective rbfpso method for mitigating dos attacks in named data networking. Neurocomputing 2015;151(Part 3):1262 - 1282.

    [9] Chaabane, A., Cristofaro, E.D., Kaafar, M.A., Uzun, E.. Privacy in content-oriented networking: Threats and countermeasures. ACM SIGCOMM Computer Communication Review 2013;43(3):25 - 33.

    [10] Acs, G., Conti, M., Gasti, P., Ghali, C., Tsudik, G.. Cache privacy in named-data networking. In: 33rd IEEE International Conference on Distributed Computing Systems (ICDCS). 2013, p. 41 - 51.

  • Metrics
    No metrics available
Share - Bookmark