A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist

Standalone Name Resolution (SNR) is an essential component of many Information-Centric Networking (ICN) infrastructures that maps and stores the mappings of IDs and locators. The delivery of data can be realized only when the name resolution process is completed correctly. It also makes the SNR become the key target of network attackers. In this paper, our research focuses on the more covert and complex Content Pollution Attack (CPA). By continuously sending invalid content to the network at a low speed, attackers will consume a lot of the resources and time of the SNR system, resulting in a serious increase in the resolution delay of normal users and further cache pollution in ICN. It is difficult to be quickly detected because the characteristics of attack are inconspicuous. To address the challenge, a register access control scheme for an SNR system based on a malicious user blacklist query is proposed. A neighbor voting algorithm is designed to discover possible attacks in the network quickly and build a blacklist of malicious users reasonably. Users on the blacklist will be restricted from accessing the ICN network during the registration phase with the resolution system. Incentives and punishments for network users are introduced to automate responses about the potential malicious behavior reports. Our scheme is more efficient as users do not have to wait for an additional system component to perform operations. In addition, our algorithm can better solve the collusion problem in the voting process when compared with the others. We experimentally evaluate our protocol to demonstrate that the probability of successful collusion attack can be reduced to less than 0.1 when the attacker ratio is 0.5.

IBPC: An Approach for Mitigation of Cache Pollution Attack in NDN using Interface-Based Popularity

The performance of Named Data Networking (NDN) depends on the caching efficiency of routers. Cache Pollution Attack (CPA) refers to colonization of unpopular contents in the Content Store (CS) of an NDN router, which leads to declined Quality of Service (QoS) in NDN. CPA has very few solutions proposed for its mitigation. Most of these solutions are based on the statistics of the router itself. However, an attacker can influence these statistics by requesting unpopular contents repeatedly. This article proposes a new parameter for the detection of CPA, which is based on the number of distinct users requesting interest packets for a content over a period of time. The local popularity of the attackers’ content does not affect the proposed approach. Results show that the proposed approach consumes less storage, reduces processing time, and more effectively mitigates the CPA, as compared to the other existing approaches.

On the robustness of three classes of rateless codes against pollution attacks in P2P networks

Rateless codes (a.k.a. fountain codes, digital fountain) have found their way in numerous peer-to-peer based applications although their robustness to the so called pollution attack has not been deeply investigated because they have been originally devised as a solution for dealing with block erasures and not for block modification. In this paper we provide an analysis of the intrinsic robustness of three rateless codes algorithms, i.e., random linear network codes (RLNC), Luby transform (LT), and band codes (BC) against intentional data modification. By intrinsic robustness we mean the ability of detecting as soon as possible that modification of at least one equation has occurred as well as the possibility a receiver can decode from the set of equations with and without the modified ones. We focus on bare rateless codes where no additional information is added to equations (e.g., tags) or higher level protocol are used (e.g., verification keys to pre-distribute to receivers) to detect and recover from data modification. We consider several scenarios that combine both random and targeted selection of equations to alter and modification of an equation that can either change the rank of the coding matrix or not. Our analysis reveals that a high percentage of attacks goes undetected unless a minimum code redundancy is achieved, LT codes are the most fragile in virtually all scenarios, RLNC and BC are quite insensitive to the victim selection and type of alteration of chosen equations and exhibit virtually identical robustness although BC offer a low complexity of the decoding algorithm.

Cache Pollution Detection Method Based on GBDT in Information-Centric Network

There is a new cache pollution attack in the information-centric network (ICN), which fills the router cache by sending a large number of requests for nonpopular content. This attack will severely reduce the router cache hit rate. Therefore, the detection of cache pollution attacks is also an urgent problem in the current information center network. In the existing research on the problem of cache pollution detection, most of the methods of manually setting the threshold are used for cache pollution detection. The accuracy of the detection result depends on the threshold setting, and the adaptability to different network environments is weak. In order to improve the accuracy of cache pollution detection and adaptability to different network environments, this paper proposes a detection algorithm based on gradient boost decision tree (GBDT), which can obtain cache pollution detection through model learning. Method. In feature selection, the algorithm uses two features based on node status and path information as model input, which improves the accuracy of the method. This paper proves the improvement of the detection accuracy of this method through comparative experiments.