A Detection Mechanism for Cache Pollution Attack in Named Data Network Architecture

Abstract: HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des labor… Show more

“…In order to use Q-Learning effectively for CPA detection, the state parameters should capture the relevant features of the network traffic that enable the NDN router to detect and respond to intrusions effectively. In our previous work (30), we conducted a study to analyze the impact of CPA on NDN routers' performance and studied the evolution of different parameters under the attack. Our findings revealed that the variation of the Cache Hit Ratio (CHR), interest inter-arrival time, and interest hop count could serve as good indicators of the presence of cache pollution attacks.…”

“…It is evident from the figure that the CHR experiences a significant decline and reaches below 5% during the attack periods. Based on the results of this study (30), we choose to represent the state in Q-ICAN by the tuple Average Cache Hit Ratio, Average Inter-Arrival Time, and the Hop Count:…”

“…To address the challenges of security in NDN, we propose a novel Q-Learning mitigation mechanism called Q-ICAN (Q-learning based Intrusion prevention system for CPA Attack in NDN). Q-ICAN represents a significant improvement over our previous solution, ICAN (30), which was based on statistical measures. While ICAN was effective in identifying some types of cache pollution attacks, it was not a real-time or dynamic solution.…”

Q-ICAN: A Q-learning based cache pollution attack mitigation approach for named data networking

“…In order to use Q-Learning effectively for CPA detection, the state parameters should capture the relevant features of the network traffic that enable the NDN router to detect and respond to intrusions effectively. In our previous work (30), we conducted a study to analyze the impact of CPA on NDN routers' performance and studied the evolution of different parameters under the attack. Our findings revealed that the variation of the Cache Hit Ratio (CHR), interest inter-arrival time, and interest hop count could serve as good indicators of the presence of cache pollution attacks.…”

“…It is evident from the figure that the CHR experiences a significant decline and reaches below 5% during the attack periods. Based on the results of this study (30), we choose to represent the state in Q-ICAN by the tuple Average Cache Hit Ratio, Average Inter-Arrival Time, and the Hop Count:…”

“…To address the challenges of security in NDN, we propose a novel Q-Learning mitigation mechanism called Q-ICAN (Q-learning based Intrusion prevention system for CPA Attack in NDN). Q-ICAN represents a significant improvement over our previous solution, ICAN (30), which was based on statistical measures. While ICAN was effective in identifying some types of cache pollution attacks, it was not a real-time or dynamic solution.…”

Q-ICAN: A Q-learning based cache pollution attack mitigation approach for named data networking

“…The authors of [20] suggested a detection mechanism called ICAN (Intrusion detection system for CPA attack in NDN architecture) based on metrics of performance including the average cache hit ratio, average interest inter-arrival time, hop count and prefix variation that is basically stands by monitoring dynamically the variation of those metrics to decide the appearance of the attack in different realistic network topologies. This solution demonstrated high efficiency compared to previous mentioned solutions in terms of conserving router resources, the conservation of the user's privacy and the high accuracy of detecting the attack.…”

Attacks, Detection Mechanisms and Their Limits in Named Data Networking (NDN)

Improving NDN Resilience: A Novel Mitigation Mechanism Against Cache Pollution Attack