| Node caching within a network is an important feature of Named Data Networking(NDN),which allows content requesters to obtain requested data from the cache of intermediate nodes,thereby reducing content acquisition latency,effectively improving data distribution speed and network resource utilization.But node caches are also highly vulnerable to cache pollution attacks and cache privacy attacks launched by attackers.Currently,research on the defense of these two types of attacks is mainly aimed at the situation where each node launches an attack separately,and existing solutions have been basically able to effectively defend these two types of attacks.However,with the development of the network,collusion attacks have gradually arisen.Collusion cache attacks are launched by multiple attackers together,and each attacker can launch a smaller attack.After acting together,significant attack effects can be achieved,and it is more difficult to identify.The existing solutions for defending attacks launched by each node individually are not suitable for direct application in defending collusion cache attacks.Compared to cache pollution attacks and cache privacy attacks launched by individual nodes,research in the fields related to collusive cache pollution attacks and collusive cache privacy attacks,which have a greater impact on NDN networks and are more covert in attack methods,is still in its infancy.This thesis aims to study the cache security of NDN nodes,targeting collusion cache pollution attacks and collusion cache privacy attacks.By analyzing the behavior of receiving requests from different interfaces between nodes,machine learning methods and collaborative caching mechanisms are used to identify the initiator of collusion cache attacks based on user behavior,and no longer receive requests from the initiator,ensure the normal operation of the network.This thesis contains the following three aspects:1.A defense strategy based on Support Vector Machine(SVM)is proposed for collusion cache pollution attacks in NDN.This strategy first collects the node cache hit rate,interest satisfaction rate,and PIT utilization rate,and uses these three status information as input parameters.SVM is used to determine whether the node is currently in a cache pollution attack state.If the node is currently in a cache pollution attack state,Then,the behavioral similarity detection mechanism and the popular information interaction mechanism of adjacent nodes are applied to identify the collusion attacks of adjacent nodes and those of distant nodes.Finally,the traceability mechanism is applied to find the initiating node of the collusion attack,and the attack defense is achieved by rejecting subsequent requests.2.Aiming at collusive cache privacy attacks in NDN,a defense strategy based on node grouping is proposed.This strategy introduces a virtual node grouping mechanism to expand the cache capacity of nodes to minimize the increase in latency caused by privacy protection.It also distinguishes popular content from private content in received data packets,cooperatively caches private content into packets,and uses an interface behavior similarity detection mechanism to identify attackers who launch collusive caching privacy attacks,And add appropriate delay when the node returns data to achieve defense against attacks.3.Applying ndn SIM to implement the defense mechanism against collusive cache pollution attacks and collusive cache privacy attacks proposed in this article.Experimental results on the popular topology DFN of NDN networks show that the proposed collusion cache pollution attack defense mechanism has a higher cache hit rate and recognition accuracy,and lower content acquisition latency than existing defense schemes.The collusion cache privacy attack defense mechanism proposed in this article enables the average content acquisition latency of nodes to be within an acceptable range,which has a higher cache hit rate and lower privacy exposure risk than existing defense schemes,thereby better protecting user privacy. |
PDF Full Text Request