Named Data Network (NDN), as a promising information-centric networking architecture, is expected to support next-generation of large-scale content distribution with open in-network cachings. However, such open in-network caches are vulnerable against Cache Pollution Attacks (CPAs) with the goal of filling cache storage with non-popular contents. The detection and defense against such attacks are especially difficult because of CPA's similarities with normal fluctuations of content requests. In this work, we use a clustering technique to detect and defend against CPAs. By clustering the content interests, our scheme is able to distinguish whether they have followed the Zipf-like distribution or not for accurate detections. Once any attack is detected, an attack table will be updated to record the abnormal requests. While such requests are still forwarded, the corresponding content chunks are not cached. Extensive simulations in ndnSIM demonstrate that our scheme can resist CPA effectively with higher cache hit, higher detecting ratio, lower hop count, and lower algorithm complexity compared to other state-of-the-art schemes.

中文翻译：

---

在命名数据网络中使用集群检测和防御缓存污染攻击

命名数据网络（NDN）作为一种很有前途的以信息为中心的网络架构，有望通过开放式网络缓存支持下一代大规模内容分发。然而，这种开放的网络内缓存容易受到缓存污染攻击 (CPA) 的攻击，其目标是用不受欢迎的内容填充缓存存储。由于 CPA 与内容请求的正常波动相似，因此对此类攻击的检测和防御尤其困难。在这项工作中，我们使用聚类技术来检测和防御 CPA。通过对内容兴趣进行聚类，我们的方案能够区分它们是否遵循类似 Zipf 的分布以进行准确检测。一旦检测到任何攻击，就会更新攻击表以记录异常请求。虽然此类请求仍会被转发，但不会缓存相应的内容块。ndnSIM 中的大量模拟表明，与其他最先进的方案相比，我们的方案可以有效地抵抗 CPA，具有更高的缓存命中率、更高的检测率、更低的跳数和更低的算法复杂度。