Enhancing cache robustness for content-centric networking

Published on Mar 1, 2012 in INFOCOM (International Conference on Computer Communications)
· DOI :10.1109/INFCOM.2012.6195632
Mengjun Xie14
Estimated H-index: 14
(UALR: University of Arkansas at Little Rock),
Indra Widjaja13
Estimated H-index: 13
(Bell Labs),
Haining Wang34
Estimated H-index: 34
(W&M: College of William & Mary)
With the advent of content-centric networking (CCN) where contents can be cached on each CCN router, cache robustness will soon emerge as a serious concern for CCN deployment. Previous studies on cache pollution attacks only focus on a single cache server. The question of how caching will behave over a general caching network such as CCN under cache pollution attacks has never been answered. In this paper, we propose a novel scheme called CacheShield for enhancing cache robustness. CacheShield is simple, easy-to-deploy, and applicable to any popular cache replacement policy. CacheShield can effectively improve cache performance under normal circumstances, and more importantly, shield CCN routers from cache pollution attacks. Extensive simulations including trace-driven simulations demonstrate that CacheShield is effective for both CCN and today's cache servers. We also study the impact of cache pollution attacks on CCN and reveal several new observations on how different attack scenarios can affect cache hit ratios unexpectedly.
  • References (18)
  • Citations (95)
📖 Papers frequently viewed together
2009CoNEXT: Conference on Emerging Network Experiment and Technology
3,134 Citations
3 Authors (Mauro Conti, ..., Marco Teoli)
74 Citations
2013ICCCN: International Conference on Computer Communications and Networks
4 Authors (Paolo Gasti, ..., Lixia Zhang)
150 Citations
78% of Scinapse members use related papers. After signing in, all features are FREE.
Apr 13, 2010 in E-Energy (Energy-Efficient Computing and Networking)
#1Uichin Lee (Bell Labs)H-Index: 38
#2Ivica Rimac (Bell Labs)H-Index: 19
Last. Volker Hilt (Bell Labs)H-Index: 21
view all 3 authors...
Our energy efficiency analysis of various content dissemination strategies reveals that a change in network architecture from host-oriented to content-centric networking (CCN) can open new possibilities for energy-efficient content dissemination. In this paper, we consider energy-efficient CCN architecture and validate its energy efficiency via trace-based simulations. The results confirm that CCN is more energy efficient than conventional CDNs and P2P networks, even under incremental deployment...
101 CitationsSource
Mar 1, 2010 in INFOCOM (International Conference on Computer Communications)
#1Elisha J. Rosensweig (UMass: University of Massachusetts Amherst)H-Index: 7
#2Jim Kurose (UMass: University of Massachusetts Amherst)H-Index: 67
Last. Don Towsley (UMass: University of Massachusetts Amherst)H-Index: 106
view all 3 authors...
Many systems employ caches to improve performance. While isolated caches have been studied in-depth, multi-cache systems are not well understood, especially in networks with arbitrary topologies. In order to gain insight into and manage these systems, a low-complexity algorithm for approximating their behavior is required. We propose a new algorithm, termed a-Net, that approximates the behavior of multi-cache networks by leveraging existing approximation algorithms for isolated LRU caches. We de...
171 CitationsSource
Dec 1, 2009 in CoNEXT (Conference on Emerging Network Experiment and Technology)
#1Van Jacobson (PARC)H-Index: 55
#2Diana K. Smetters (PARC)H-Index: 19
Last. Rebecca L. Braynard (PARC)H-Index: 4
view all 6 authors...
3,134 CitationsSource
#1Van Jacobson (PARC)H-Index: 55
#2Diana K. Smetters (PARC)H-Index: 19
Last. Rebecca L. Braynard (PARC)H-Index: 4
view all 7 authors...
A variety of proposals call for a new Internet architecture focused on retrieving content by name, but it has not been clear that any of these approaches are general enough to support Internet applications like real-time streaming or email. We present a detailed description of a prototype implementation of one such application -- Voice over IP (VoIP) -- in a content-based paradigm. This serves as a good example to show how content-based networking can offer advantages for the full range of Inter...
343 CitationsSource
Oct 1, 2007 in SIGCOMM (ACM Special Interest Group on Data Communication)
#1Teemu Koponen (Helsinki Institute for Information Technology)H-Index: 24
#2Mohit Chawla (University of California, Berkeley)H-Index: 1
Last. Ion Stoica (University of California, Berkeley)H-Index: 108
view all 7 authors...
The Internet has evolved greatly from its original incarnation. For instance, the vast majority of current Internet usage is data retrieval and service access, whereas the architecture was designed around host-to-host applications such as telnet and ftp. Moreover, the original Internet was a purely transparent carrier of packets, but now the various network stakeholders use middleboxes to improve security and accelerate applications. To adapt to these changes, we propose the Data-Oriented Networ...
1,328 CitationsSource
#1Songqing Chen (GMU: George Mason University)H-Index: 32
#2Bo ShenH-Index: 13
Last. Xiaodong ZhangH-Index: 49
view all 4 authors...
Many algorithmic efforts have been made to address technical issues in designing a streaming media caching proxy. Typical of those are segment-based caching approaches that efficiently cache large media objects in segments which reduces the startup latency while ensuring continuous streaming. However, few systems have been practically implemented and deployed. The implementation and deployment efforts are hindered by several factors: 1) streaming of media content in complicated data formats is d...
29 CitationsSource
Nov 1, 2006 in ICNP (International Conference on Network Protocols)
#1Yan Gao (NU: Northwestern University)H-Index: 14
#2Leiwen Deng (NU: Northwestern University)H-Index: 3
Last. Yan Chen (NU: Northwestern University)H-Index: 45
view all 4 authors...
Proxy caching servers are widely deployed in today's Internet. While cooperation among proxy caches can significantly improve a network?s resilience to denial-of-service (DoS) attacks, lack of cooperation can transform such servers into viable DoS targets. In this paper, we investigate a class of pollution attacks that aim to degrade a proxy's caching capabilities, either by ruining the cache file locality, or by inducing false file locality. Using simulations, we propose and evaluate the effect...
21 CitationsSource
#1Abdullah Saeed Balamash (UA: University of Arizona)H-Index: 10
#2Marwan Krunz (UA: University of Arizona)H-Index: 47
The increasing demand for World Wide Web (WWW) services has made document caching a necessity to decrease download times and reduce Internet traffic. To make effective use of caching, an informative decision has to be made as to which documents are to be evicted from the cache in case of cache saturation. This is particularly important in a wireless network, where the size of the client cache at the mobile terminal (MT) is small. Several types of caching are used over the Internet, including cli...
126 CitationsSource
Web caching is an important technique to scale the Internet. One important performance factor of Web caches is the replacement strategy. Due to specific characteristics of the World Wide Web, there exist a huge number of proposals for cache replacement. This article proposes a classification for these proposals that subsumes prior classifications. Using this classification, different proposals and their advantages and disadvantages are described. Furthermore, the article discusses the importance...
550 CitationsSource
Oct 31, 2003 in CCS (Computer and Communications Security)
#1Vinay Manivel (Georgia Institute of Technology)H-Index: 1
#2Mustaque Ahamad (Georgia Institute of Technology)H-Index: 31
Last. H. Venkateswaran (Georgia Institute of Technology)H-Index: 7
view all 3 authors...
Many distributed services are susceptible to attacks by malicious clients that can significantly degrade their performance. Scalable distributed services make use of a variety of techniques which are vulnerable to such attacks. We explore the survivability of services when attacks target the scalability techniques employed by the services. In particular, we explore how the effectiveness of caching can be degraded when malicious clients manipulate cache management algorithms. We present an attack...
3 CitationsSource
Cited By95
#1Sabuzima NayakH-Index: 3
#2Ripon Patgiri (National Institute of Technology, Silchar)H-Index: 5
view all 3 authors...
Today is the era of smart devices. Through the smart devices, people remain connected with systems across the globe even in mobile state. Hence, the current Internet is facing scalability issue. Therefore, leaving IP based Internet behind due to scalability, the world is moving to the Future Internet Architecture, called Named Data Networking (NDN). Currently, the number of nodes connected to the Internet is in billions. And, the number of requests sent is in millions per second. NDN handles suc...
#1Alberto Compagno (Cisco Systems, Inc.)H-Index: 7
#2Mauro Conti (UNIPD: University of Padua)H-Index: 36
Last. Sebastiano Valle (UNIPD: University of Padua)H-Index: 1
view all 5 authors...
Named Data Networking (NDN) is a relatively new architecture, adhering to the Information-Centric Networking (ICN) paradigm, which focuses on explicitly named, routable and addressable content. While addressing and overcoming some of the current Internet issues, ICN is also affected by its own ones. Among those, content caching can be exploited, together with the Content Fetch Time (CFT), to identify the contents requested by the users. This attack is reactive, since the attacker infers whether ...
#1Xiaoyan Hu (SEU: Southeast University)H-Index: 4
#2Shaoqi Zheng (SEU: Southeast University)
Last. Ruidong Li (National Institute of Information and Communications Technology)
view all 7 authors...
Abstract Information-Centric Networking (ICN), such as Named Data Networking (NDN), intrinsically supports multipath forwarding and in-network caching. In order to take full advantage of both multipath forwarding and in-network caching, it requires sophisticated coordination among consumers, publishers and in-network caches for consumers to learn the fine-grained packet-level cache reachability information. The complexity introduced by the coordination as well as the cache organization hinders t...
Dec 1, 2019 in GLOBECOM (Global Communications Conference)
#2Guowei Wu (DUT: Dalian University of Technology)H-Index: 11
Last. Kuei-Fang Hsiao (MCU: Ming Chuan University)H-Index: 4
view all 5 authors...
Named data networking(NDN) is a very promising architecture for future network, which can improve the network performance due to its in-network caching feature. However, the pervasive caching is vulnerable against False-Locality Attack (FLA), one kind of cache pollution attack, where attackers repeatedly request a specific set of non-popular contents to replace popular contents. Therefore, the cache hit of legal requests is reduced and the response delay is increased. To mitigate this attack and...
#1Naveen Kumar (MNNIT: Motilal Nehru National Institute of Technology Allahabad)H-Index: 1
#2Ashutosh Kumar Singh (MNNIT: Motilal Nehru National Institute of Technology Allahabad)H-Index: 2
Last. Shashank Srivastava (MNNIT: Motilal Nehru National Institute of Technology Allahabad)H-Index: 5
view all 4 authors...
Contents such as audios, videos, and images, contribute most of the Internet traffic in the current paradigm. Secure content sharing is a tedious issue. The existing security solutions do not secure data but secure the communicating endpoints. Named data networking (NDN) secures the data by enforcing the data publisher to sign the data. Any user can verify the data by using the public key of the publisher. NDN is resilient to most of the probable security attacks in the TCP/IP model due to its n...
1 CitationsSource
Oct 1, 2019 in ICNP (International Conference on Network Protocols)
#1Xiaoyan Hu (SEU: Southeast University)H-Index: 4
#2Shaoqi Zheng (SEU: Southeast University)
Last. Jian Gong (SEU: Southeast University)H-Index: 6
view all 5 authors...
Named Data Networking (NDN) intrinsically supports in-network caching and multipath forwarding. The two salient features offer the potential to simultaneously transmit content segments that comprise the requested content from original content publishers and in-network caches. However, due to the complexity of maintaining the reachability information of off-path cached content at the fine-grained packet level of granularity, the multipath forwarding and off-path cached copies are significantly un...
#1Tuyen X. Tran (RU: Rutgers University)H-Index: 11
#2Dario Pompili (RU: Rutgers University)H-Index: 32
Mobile-Edge Computing (MEC) is a promising paradigm that provides storage and computation resources at the network edge in order to support low-latency and computation-intensive mobile applications. In this article, we propose a joint collaborative caching and processing framework that supports Adaptive Bitrate (ABR)-video streaming in MEC networks. We formulate an Integer Linear Program (ILP) that determines the placement of video variants in the caches and the scheduling of video requests to t...
6 CitationsSource
#1Elisa Mannes (UFPR: Federal University of Paraná)H-Index: 3
#2Carlos Maziero (UFPR: Federal University of Paraná)H-Index: 8
The Information-Centric Network (ICN) paradigm is a future Internet approach aiming to tackle the Internet architectural problems and inefficiencies, by swapping the main entity of the network architecture from hosts to content items. In ICN, content names play a central role: Each content gets a unique name at the network layer, and this name is used for routing the content over the network. This paradigm change potentially enables a future Internet with better performance, reliability, scalabi...
1 CitationsSource