Research On Multiple Security Defense Mechanism In Named Data Networking

In the past few decades,TCP/IP has been the core architecture of the network.However,the increasing mobility and the demand for content distribution have exposed the limitations of TCP / IP network.In order to meet the new demands of the network,the Information Center Network structure represented by the Named Data Networking(NDN)has been proposed and received extensive attention.Although NDN meets people's needs for content acquisition,there are also security issues that need to be solved,including three types of attacks: cache pollution,cache poisoning,and interest flooding.These attacks will greatly reduce the performance of the network,so this paper studies the security defense mechanism in NDN.The main research works of this article are as follows:1.A security defense mechanism is proposed for hierarchical NDN.The mechanism includes three parts: the Token-based Router Monitoring policy,the Hierarchical Consensus-based Trust management,and the Popularity-based probabilistic caching policy.In the Token-based Router Monitoring policy,the edge router monitors and evaluates each content requester and content provider separately,and allocates,rewards and penalizes tokens accordingly to control its data request and data provision activities.In the Hierarchical Consensus-based Trust management,each core router uses a token bucket strategy to manage its directly connected edge routers,and at the same time,the core routers trust each other by periodically sending consensus announcements.Popularity-based probabilistic caching policy uses a caching algorithm that combines probabilistic caching and SLRU replacement algorithms,where the caching probability is calculated based on the popularity of the received content to further alleviate attacks and reduce caching and data verification overhead.2.A security defense mechanism based on the idea of IOTA is proposed for the flat NDN,.The mechanism processes a content request and content provision process in NDN into a transaction in IOTA and stores it in a Tangle structure.Each transaction needs to verify the previous two transactions when it is added to the tangled structure.The content pricing mechanism based on content popularity is used to limit the number of content requesters to send packets,thereby solving interest flooding attacks and cache pollution attacks;the behavior punishment mechanism is used to punish providers who provide wrong content,and the content providers provide wrong content transactions cannot be confirmed by subsequent transactions,thereby alleviating cache poisoning attacks;3.This paper uses the NDN simulation tool ndnSIM to verify the above two defense mechanisms,and selects the classic algorithm and the basic algorithm for comparison.The simulation results show that the security defense mechanism proposed for hierarchical NDN has better defense effects than the token algorithm and SLUR cache algorithm based on the satisfaction rate back push,which can allow users to obtain a higher satisfaction rate and lower request delay At the same time,it also improves the cache hit rate and reduces the cache overhead.Although the security defense mechanism proposed for the hierarchical NDN increases the request delay,it can allow the requester to obtain a higher satisfaction rate.