Research On Secure Cache Technology In Content Centric Networking

With the booming development of Internet,the traditional Transmission Control Protocol/Internet Protocol(TCP/IP)network architecture based on end-to-end is facing many challenges.In order to cope with the shortcomings of current Internet architecture,Content Centric Networking(CCN)is catching our attention.CCN is a content-centric and user-driven network architecture,where users only focus on the content,not the address where the content is stored.In order to improve the efficiency of content distribution,each node in CCN network can cache the contents.Pervasive cache is a major advantage of CCN compared with traditional network architecture.However,it is vulnerable for severe cache attacks,such as cache pollution attack and cache poisoning attack.The main work of this thesis is described as follows:To solve the problem that the existing schemes cannot detect cache pollution attack efficiently,a detection and defense scheme based on user behaviors and network parameters is proposed in this thesis.The differences between False Locality Attack(FLA)and Flash Crowd are analyzed.Three characteristics are adopted: the content request ratio,the same content request distribution of each interface,and the standard deviation of cache hit ratio change in edge router.Support Vector Machines(SVM)is used to detect malicious interest requests and defend against them based on the detection results.Simulation results show that the proposed scheme can improve the correct detection ratio,reduce the delay of content retrieval,and improve the cache hit ratio of legitimate users.To solve the problem that the existing schemes cannot defend against cache poisoning attack efficiently,a defense scheme based on reputation-based probalilistic forwarding strategy is proposed in this thesis.The user verifies the validity of the received data packets and starts defense measures by constructing the feedback interest packets when the verification result is failed.According to the information carried in the feedback interest packets,the bogus contents in the cache of routers are deleted,malicious source servers are traced,the reputation value of each interface is adjusted,and the safe forwarding path is explored for the subsequent interest requests.Simulation results show that the proposed scheme can suppress malicious providers from the source and bypass malicious routers,reduce the cache poisoning ratio and improve the satisfaction ratio of users.