False-Locality Attack Detection Using CNN in Named Data Networking

Named data networking(NDN) is a very promising architecture for future network, which can improve the network performance due to its in-network caching feature. However, the pervasive caching is vulnerable against False-Locality Attack (FLA), one kind of cache pollution attack, where attackers repeatedly request a specific set of non-popular contents to replace popular contents. Therefore, the cache hit of legal requests is reduced and the response delay is increased. To mitigate this attack and improve the network performance, we propose a detection scheme based on Convolutional Neural Network (CNN) by fully exploiting the regularity of past requests. The input data of CNN are related to the inherent characteristics of the cached contents including the request ratio, the standard deviation of repeated Interests, the variance of request interval and the change of cache hit ratio. The output of CNN indicates whether FLA has been launched. Simulations through multi-topologies are conducted to validate the performance of our scheme. Compared with other state-of-the-art schemes, it is more effective in detecting FLA with higher detecting ratio, higher cache hit and lower hop count.

[1]  Mengjun Xie,et al.  Enhancing cache robustness for content-centric networking , 2012, 2012 Proceedings IEEE INFOCOM.

[2]  Aleksandar Kuzmanovic,et al.  Internet Cache Pollution Attacks and Countermeasures , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[3]  Hani Salah,et al.  CoMon++: Preventing Cache Pollution in NDN Efficiently and Effectively , 2017, 2017 IEEE 42nd Conference on Local Computer Networks (LCN).

[4]  Zhiwei Xu,et al.  ELDA: Towards efficient and lightweight detection of cache pollution attacks in NDN , 2015, 2015 IEEE 40th Conference on Local Computer Networks (LCN).

[5]  Li Fan,et al.  Web caching and Zipf-like distributions: evidence and implications , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[6]  Guoqiang Zhang,et al.  Caching in information centric networking: A survey , 2013, Comput. Networks.

[7]  Aleksandar Kuzmanovic,et al.  Pollution attacks and defenses for Internet caching systems , 2008, Comput. Networks.

[8]  Hossam S. Hassanein,et al.  A Survey of Security Attacks in Information-Centric Networking , 2015, IEEE Communications Surveys & Tutorials.

[9]  Mauro Conti,et al.  A lightweight mechanism for detection of cache pollution attacks in Named Data Networking , 2013, Comput. Networks.

[10]  Mohammad S. Obaidat,et al.  Security of e-Systems and Computer Networks , 2007 .

[11]  Xiaodong Wang,et al.  Exploiting Path Diversity for Thwarting Pollution Attacks in Named Data Networking , 2016, IEEE Transactions on Information Forensics and Security.

[12]  Heejo Lee,et al.  Detection of cache pollution attacks using randomness checks , 2012, 2012 IEEE International Conference on Communications (ICC).

[13]  Hiroshi Shigeno,et al.  Cache protection method based on prefix hierarchy for content-oriented network , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[14]  Yurong Liu,et al.  A survey of deep neural network architectures and their applications , 2017, Neurocomputing.

[15]  Patrick Crowley,et al.  Named data networking , 2014, CCRV.

[16]  Manel Guerrero Zapata,et al.  An ANFIS-based cache replacement method for mitigating cache pollution attacks in Named Data Networking , 2015, Comput. Networks.

[17]  Jiqiang Liu,et al.  Combining Popularity and Locality to Enhance In-Network Caching Performance and Mitigate Pollution Attacks in Content-Centric Networking , 2017, IEEE Access.