Research On Defense Mechanism For Content Pollution In Named Data Networking

As a revolutionary design idea of the next generation network,Named Data Networking(NDN)changes the network communication mode by providing ubiquitous cache.Compared with the traditional TCP / IP network,NDN has many obvious advancements and advantages in content distribution.Its main features are embodied in the diversified routing strategy selection and the security mechanism based on the data itself,which brings a lot of benefits of idea and practice.However,NDN is also faced with a number of new security threats.One of the important security threats is the content pollution attack.Content pollution attack makes the network full of false content by hijacking the source server,which seriously restricts the network performance.Aimed at this problem,this paper focuses on the research on defensive methods of content pollution.Then it explores the effective defense mechanism in depth by analyzing the causes of content pollution attack in NDN nodes,and evaluates the performance of defense mechanism from the theoretical point of view.The main innovations of the research are as follows:(1)In view of the non-secure NDN network with false content,the concept of interface reliability is proposed,which is evaluated by using the node interface to verify the reliability of the received packet.Then,a forwarding strategy,named Probabilistic Forwarding Strategy based on Interface Reliability(PFSIR),is proposed.It sets the forwarding probability of the interest packet at the interface according to the interface reliability,and forwards the interest packet to the highly reliable source server.On this basis,the network performance of PFSIR is analyzed theoretically,and compared with the Equal Probability Random Forwarding Strategy.The numerical results show that this strategy has a better defense effect on the source server pollution when the access request flow is within a certain range,and the advantage is obvious compared with the Equal Probability Random Forwarding Strategy.(2)Considering that the PFSIR strategy can forward the request traffic to a highly reliable source server through the forwarding policy,it can improve the network performance in the non-secure NDN environment.However,with the deepening of the source server pollution,when most of the source servers are contaminated,it is difficult to combat the proliferation of false content in the network by simply using the forwarding mechanism.PFSIR strategy cannot maintain the normal work of the network,it needs effective verification mechanism to inhibit content pollution.In order to solve this problem,this paper further proposes a verification strategy named PVSRC,which defines the router credibility as verification probability.It can guarantee high percentage of valid contents in network as well as reduce router's workload.The numerical results show that our strategy can provide more efficient protection against content pollution attack compared with the strategy of verification on hit.