A lightweight mechanism for detection of cache pollution attacks in Named Data Networking

Content-Centric Networking (CCN) is an emerging paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content - rather than addressable hosts - becomes a first-class entity. Content is therefore decoupled from its location. This allows, among other things, the implementation of ubiquitous caching. Named-Data Networking (NDN) is a prominent example of CCN. In NDN, all nodes (i.e., hosts, routers) are allowed to have a local cache, used to satisfy incoming requests for content. This makes NDN a good architecture for efficient large-scale content distribution. However, reliance on caching allows an adversary to perform attacks that are very effective and relatively easy to implement. Such attacks include cache poisoning (i.e., introducing malicious content into caches) and cache pollution (i.e., disrupting cache locality). This paper focuses on cache pollution attacks, where the adversary's goal is to disrupt cache locality to increase link utilization and cache misses for honest consumers. We show, via simulations, that such attacks can be implemented in NDN using limited resources, and that their effectiveness is not limited to small topologies. We then illustrate that existing proactive countermeasures are ineffective against realistic adversaries. Finally, we introduce a new technique for detecting pollution attacks. Our technique detects high- and low-rate attacks on different topologies with high accuracy.
