CN109040163B - Named data network privacy protection caching decision method based on k anonymity - Google Patents

Publication number
CN109040163B
Authority
CN
China
Legal status
Expired - Fee Related
Application number
CN201810381113.9A
Other languages
Chinese (zh)
Other versions
CN109040163A (en)
Inventor
柳毅
李小燕
凌捷
Current Assignee
Guangdong University of Technology
Original Assignee
Guangdong University of Technology

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/50: Network services
    • H04L67/56: Provisioning of proxy services
    • H04L67/568: Storing data temporarily at an intermediate stage, e.g. caching
    • H04L67/5682: Policies or rules for updating, deleting or replacing the stored data
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421: Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a named data network privacy protection caching decision method based on k anonymity, characterized in that the caching decision is carried out only at the node where a user sent the request, and the neighbor node at which the data is cached is decided according to the nodes' cache replacement rate. Even if an attacker learns that the content has been accessed recently, the cache cooperation within the region means the attacker cannot deduce which user accessed the content through which router, so the attacker is prevented from probing the requester's private information and the requester's privacy is effectively protected. Moreover, the user anonymity area is expanded through neighbor cooperative caching to protect cache privacy: the router does not need to construct an anonymity area or search for data within one, which reduces the implementation difficulty of the anonymity area and the delay for local users to obtain data.

Description

Named data network privacy protection caching decision method based on k anonymity
Technical Field
The invention relates to the technical field of named data network privacy protection, in particular to a named data network privacy protection caching decision method based on k anonymity.
Background
With the continuous progress and development of internet information technology, the main function of the internet has become the efficient and secure acquisition and distribution of content. The original network based on the TCP/IP protocol suffers from a shortage of IPv4 addresses, many network security vulnerabilities, low quality of service, and similar defects. The TCP/IP internet also wastes resources heavily by transmitting large amounts of repeated content. To address these fundamental problems of TCP/IP networks, a revolutionary future network architecture, the Information-Centric Network (ICN) (Vasilakos A V, Li Z, Simon G, et al. Information centric network: research challenges and opportunities [J]. Journal of Network and Computer Applications, 2015, 52: 1-10.), was proposed to meet future requirements for efficient, large-scale, secure content acquisition and transmission over the internet. Among the representative ICN architectures, Named Data Networking (NDN) (Zhang L, Estrin D, Burke J, et al. Named Data Networking (NDN) project [J]. Relatório Técnico NDN-0001, Xerox Palo Alto Research Center-PARC, 2010.) is becoming the mainstream ICN architecture because of its advanced concept, its feasibility and the substantial progress of the project.
Using storage inside the network reduces redundant transmission, enables content sharing, and speeds up content distribution. When a data packet cached inside the network answers a request instead of the data producer, that is, when a cache hit occurs, bandwidth use is reduced. A reasonable in-network caching strategy can therefore greatly reduce network bandwidth consumption and the load on the origin server. However, content cached inside the network may reveal privacy-sensitive information. By measuring the time taken to obtain requested content, an attacker may infer whether certain content has been accessed, and from that the location of the requester in the network topology. For the named data network, the key to exploiting in-network caching is therefore to prevent the cache from revealing private information while improving cache performance at low overhead. However, the default Leave Copy Everywhere (LCE) policy (Wang W, Sun Y, Guo Y, et al. CRCache: exploiting the correlation between content popularity and network topology information for ICN caching [C]// IEEE International Conference on Communications (ICC); Sydney: IEEE, 2014: 3191-3196) easily causes cache redundancy, i.e., the same object has copies at multiple nodes, which seriously wastes storage space, and an attacker can easily guess private information such as the communication traces of neighbor users through the cache.
To address the defects of the LCE caching method in named data networks, researchers have proposed caching strategies that reduce redundancy and improve network performance. Laoutaris, Eum, Wang et al. propose random caching decisions, which reduce cache redundancy to some extent but are random and blind. Psaras et al. make the caching decision by calculating the node hop count and the cache capacity (Psaras I, Chai W K, Pavlou G. Probabilistic in-network caching for information-centric networks [C]. ACM Proceedings of the second edition of the ICN workshop on Information-centric networking (ICN), 2012: 55-60.). In addition, Cui Xiandong et al. propose the BetwRep method (Cui Xiandong, Liu Jiang, Huang Tao, et al. In-network caching strategy for content-centric networking based on node betweenness and replacement rate [J]. Journal of Electronics & Information Technology, 2014, 36(1): 1-7.), which uses node betweenness and the replacement rate of cached content as the decision metric on the return path. Neither method takes the distribution characteristics of content requests into account. Hu et al. propose the PRL method (Hu X, Gong J, Cheng G, et al. Enhancing in-network caching by coupling cache placement, replacement and location [C]. IEEE, 2015: 5672-5678.), in which the router calculates the caching profit from the content request rate, hop count information and content replacement rate, and selects the node with the largest profit on the transmission path as the caching node. This approach can significantly increase network load. The CCSPP method (Ge Guodong, Guo Yunfei, Liu Caixia, et al. Privacy-protection-oriented cooperative caching strategy in content-centric networks [J]. Journal of Electronics & Information Technology, 2015, 37(5): 1220-1226.) takes cache privacy protection into account: it constructs anonymity areas and, when content returns, caches it in the area with the most hot-spot requests. However, constructing anonymity areas is difficult and introduces additional search delay. The present invention is proposed in view of the insufficient privacy protection, security risks and low performance of existing caching strategies.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a named data network privacy protection caching decision method based on k anonymity, which prevents an attacker from probing the content cached in a router and from inferring private information such as the content accessed by neighbor users. At the same time, while protecting the private information held in the router cache, it realizes k-anonymous shared cache data, improves cache utilization, reduces the number of router hops a user's content request traverses, and reduces the average content request time. When the data packet returns, the caching decision is made only at the node where the user sent the request, which increases the diversity of cached content in the network, removes a large amount of cache redundancy, and improves the local cache hit rate.
In order to achieve the purpose, the technical scheme provided by the invention is as follows:
A Content State Table (CST) and a Neighbor State Table (NST) are added to each router node of the named data network, and are used for counting the number of users requesting a content and recording the set of encrypted requesting users when an interest packet reaches the node;
when the router node receives the interest packet, it modifies the requesting-user count of the content in the content state table CST according to the content Cx and the encrypted user Uy;
when the data packet corresponding to the interest packet returns along the original path, the caching decision is made only at router nodes where a user sent the request, and neighbor cooperative caching is used to enlarge the anonymity set of accesses by means of the k-anonymity property.
Further, when the router node receives the interest packet, the specific processing steps are as follows:
S1-1. Search whether content Cx exists in the content state table CST. If not, go to step S1-4. If so, search whether user Uy exists in the user set uSet of that CST entry; if not, add Uy to the user set uSet of content Cx and add 1 to the number of users; if yes, go directly to step S1-2;
S1-2. Check the value of the Interface corresponding to content Cx in the CST: if the Interface is empty, go to step S1-5; if the Interface equals 0, return a data packet to the user from the content in the CS, and end the process; if the Interface is neither empty nor zero, go to step S1-3;
S1-3. Forward the interest packet to the neighbor router through the interface corresponding to content Cx in the CST, and end the process;
S1-4. Add a record for content Cx to the CST, add user Uy to the user set, and increase the requesting-user count by 1;
S1-5. Search for content Cx in the PIT. If found, add the arrival interface of content Cx to the PIT, discard the interest packet, and end the process; otherwise, look up content Cx in the FIB;
S1-6. If content Cx is found in the FIB, forward according to the interface list found and add a new entry for the interest packet in the PIT; if it is not found in the FIB, the network cannot respond to the request and the interest packet is discarded.
Further, when the original route of the data packet corresponding to the interest packet is returned, the cache decision step of the router node receiving the data packet is as follows:
S2-1. On its return path, the data packet of Cx reaches a node Ri from which a user sent a request for Cx. Search whether the CS already holds the data packet of Cx; if so, the data packet is directly discarded; otherwise, search for Cx in the CST;
S2-2. If Cx is found in the CST, go to step S2-3; if Cx is not found in the CST, execute step S2-4;
S2-3. Judge whether the Interface is empty and whether the number of router interfaces or the number of requesting users num of User in the CST is greater than or equal to the threshold k:
If the Interface is empty and the number of router interfaces or the number of requesting users num of User in the CST is greater than or equal to the threshold k, the data packet copy is cached in router Ri, the Interface in the CST is updated to 0, and the neighbor router is updated to the local router Ri;
If the Interface is empty and the number of router interfaces or the number of requesting users num of User in the CST is not greater than or equal to the threshold k, select the neighbor node Ri with the minimum cache replacement rate according to the NST, forward the data packet copy to Ri for caching, and update the selected neighbor interface into the CST;
If the Interface is not empty and the number of router interfaces or the number of requesting users num of User in the CST is greater than or equal to the threshold k, the data packet copy is cached in router Ri, the Interface in the CST is updated to 0, and the neighbor router is updated to the local router Ri;
If the Interface is not empty and the number of router interfaces or the number of requesting users num of User in the CST is not greater than or equal to the threshold k, directly execute step S2-4;
S2-4. Search for Cx in the PIT. If it is not found, discard the data packet; if it is found, forward the data packet through the interface corresponding to Cx in the PIT.
Further, a router node in the named data network uses a Neighbor Update Packet (NUP) to periodically notify its neighbor routers of local information, and a router node receiving a neighbor update message NUP updates the information in its content state table CST and neighbor state table NST according to the content of the NUP. The specific steps are as follows:
S3-1. Router Ri periodically calculates its cache replacement rate per unit time:
[Formula image for Re(Ri) not reproduced in this text]
where S(fk) represents the size of the content fk replaced at node Ri, C(Ri) represents a node Ri, and m represents the number of contents replaced at node Ri per unit time; if Re(Ri) = 0, the node cache is not full or no new content has arrived;
S3-2. Router Ri periodically advertises its local information to neighboring routers;
S3-3. After a neighbor router receives the update message, it updates the cache replacement rate of the corresponding router in its neighbor state table NST according to the message content; if its content state table CST contains the replaced cache content, the corresponding tuple is deleted from the CST.
Compared with the prior art, the principle and the advantages of the scheme are as follows:
1. Under LCE, the default caching decision of the named data network, content is cached at every node on the data packet's return path, which greatly wastes the network's storage space and causes redundant cached content. In this scheme, when the data packet corresponding to the interest packet returns from the responding node along the original path, the caching decision is made only at the node where the user sent the request, so redundancy of cached content is effectively reduced while a high cache hit rate is kept, the diversity of data in the network is improved, and the update frequency of cached content in the nodes is reduced.
2. By measuring the round-trip time of a particular content, an attacker can infer whether a neighbor user has recently requested it, and even the user's topological location in the network. Cache privacy protection is therefore of paramount importance for named data networks. To prevent the requester's private information from being revealed, when the data packet corresponding to the interest packet returns along the original path, the caching decision is made only at the node where the user sent the request, and the neighbor node at which the data packet is cached is determined according to the nodes' cache replacement rate. Even if an attacker learns that the content has been accessed recently, the cache cooperation within the region means the attacker cannot deduce which user accessed the content through which router, so the attacker is prevented from probing the requester's private information and the requester's privacy is effectively protected.
3. This scheme enlarges the user anonymity area through neighbor cooperative caching to protect cache privacy. Compared with the CCSPP scheme proposed by Ge Guodong et al., the router does not need to construct an anonymity area or search for data within one, which reduces the implementation difficulty of the anonymity area and the delay for local users to obtain data. The scheme of Ge Guodong et al. achieves cache utilization while protecting user privacy, but the content is stored only in the anonymity area with the highest request hot spot on the data packet's return path; if users in other anonymity areas on the same path request the same data, they will very probably have to request it again. In this scheme, the caching decision is made at all nodes on the data packet's return path where a user sent the request, which improves cache utilization and the cache hit rate.
Drawings
FIG. 1 is a named data network topology;
FIG. 2 is a flow chart of interest packet forwarding according to the present invention;
FIG. 3 is a flow chart of a packet buffering decision process according to the present invention.
Detailed Description
Before setting forth the specific embodiments, the meaning of each symbol and phrase used in the present invention is given first:
Ri: router node i, the unique identity of the node;
Cx: content x;
Uy: the token of encrypted user y;
CS: Content Store of the router;
Re(Ri): the cache replacement rate of router node i;
CST: Content State Table;
NST: Neighbor State Table;
PIT: Pending Interest Table;
FIB: Forwarding Information Base;
NUP: Neighbor Update Packet (neighbor update message);
num of User/uReq: the number of all users requesting content Ci;
Interface: the interface to a neighbor router, where 0 represents the local router;
User Set/uSet: the user set, i.e. the set of encrypted user tokens of the requesters of content Ci;
k: the threshold for judging whether to cache at the current node.
The invention will be further illustrated with reference to a specific example.
The named data network privacy protection caching decision method based on k anonymity comprises the following steps:
Suppose the CST of router R0 is as shown in Table 1 and its NST as shown in Table 2. The CST maintains the content state of the local node or of neighbor nodes; the user set is the set of encrypted user tokens of the requesters of content Cx, and the requesting-user count is the number of all users requesting content Cx. Interface 0 indicates that the content is stored at the local router, and 1-n indicate the interfaces to neighbor routers. An empty interface and neighbor router indicate that the requested data packet has not yet arrived at the node. The network topology used in this embodiment is shown in FIG. 1.
TABLE 1 Content State Table (CST)
[Table 1 is an image in the original publication and is not reproduced in this text]
TABLE 2 Neighbor State Table (NST)
[Table 2 is an image in the original publication and is not reproduced in this text]
As shown in fig. 2, the processing steps of the node when receiving the interest packet are as follows:
S1-1. Search whether content Cx exists in the content state table CST. If not, go to step S1-4. If so, search whether user Uy exists in the user set uSet of that CST entry; if not, add Uy to the user set uSet of content Cx and add 1 to the number of users; if yes, go to step S1-2;
S1-2. Check the value of the Interface corresponding to content Cx in the CST: if the Interface is empty, go to step S1-5; if the Interface equals 0, return a data packet to the user from the content in the CS, and end the process; if the Interface is neither empty nor zero, go to step S1-3;
S1-3. Forward the interest packet to the neighbor router through the interface corresponding to content Cx in the CST (in this strategy a router has no physical interface 0; interface 0 indicates that the content is cached locally), and end the process;
S1-4. Add a record for content Cx to the CST, add user Uy to the user set, and increase the requesting-user count by 1;
S1-5. Search for content Cx in the PIT. If found, add the arrival interface of content Cx to the PIT and discard the interest packet; otherwise, look up content Cx in the FIB;
S1-6. If content Cx is found in the FIB, forward according to the interface list found and add a new entry for the interest packet in the PIT; if it is not found in the FIB, the network cannot respond to the request and the interest packet is discarded.
As shown in fig. 3, when the data packet corresponding to the interest packet is returned from the original route, the cache decision step after the router node receives the data packet is as follows:
S2-1. On its return path, the data packet of Cx reaches a node Ri from which a user sent a request for Cx. Search whether the CS already holds the data packet of Cx; if so, the data packet is directly discarded; otherwise, search for Cx in the CST;
S2-2. If Cx is found in the CST, go to step S2-3; if Cx is not found in the CST, execute step S2-4;
S2-3. Judge whether the Interface is empty and whether the number of router interfaces or the number of requesting users num of User in the CST is greater than or equal to the threshold k:
If the Interface is empty and the number of router interfaces or the number of requesting users num of User in the CST is greater than or equal to the threshold k, the data packet copy is cached in router Ri, the Interface in the CST is updated to 0, and the neighbor router is updated to the local router Ri;
If the Interface is empty and the number of router interfaces or the number of requesting users num of User in the CST is not greater than or equal to the threshold k, select the neighbor node Ri with the minimum cache replacement rate according to the NST, forward the data packet copy to Ri for caching, and update the selected neighbor interface into the CST;
If the Interface is not empty and the number of router interfaces or the number of requesting users num of User in the CST is greater than or equal to the threshold k, the data packet copy is cached in router Ri, the Interface in the CST is updated to 0, the neighbor router is updated to the local router Ri, and the corresponding neighbor interface in the CST is updated;
If the Interface is not empty and the number of router interfaces or the number of requesting users num of User in the CST is not greater than or equal to the threshold k, directly execute step S2-4;
S2-4. Search for Cx in the PIT. If it is not found, discard the data packet; if it is found, forward the data packet through the interface corresponding to Cx in the PIT.
The following illustrates the decision process of the cache policy according to the data in table 1 and table 2:
Let k be 30. A user has requested data D1 through router R5. The content provider now returns data packet D1. At node R3 along the way, it is found that a user has made a request and that num of User in the CST is 10. Because this is less than k, the node R2 with the smallest Re(Ri) value in the NST is found, a copy of data packet D1 is forwarded from interface 2 of router R3 to that neighbor router for cooperative caching, and at the same time R3 continues to return D1 to R5.
Through a neighbor update message NUP, a router periodically announces local information to a neighbor router, and the method comprises the following specific steps:
S3-1. Router Ri periodically calculates its cache replacement rate per unit time:
[Formula image for Re(Ri) not reproduced in this text]
where S(fk) represents the size of the content fk replaced at node Ri, C(Ri) represents a node Ri, and m represents the number of contents replaced at node Ri per unit time; if Re(Ri) = 0, the node cache is not full or no new content has arrived;
S3-2. Router Ri periodically advertises its local information to neighboring routers; the message structure is shown in Table 3;
S3-3. After a neighbor router receives the update message, it updates the cache replacement rate of the corresponding router in its neighbor state table NST according to the message content; if its content state table CST contains the replaced cache content, the corresponding tuple is deleted from the CST.
TABLE 3 Neighbor update messages (NUP)
Router identifier Ri
Cache replacement rate Re(Ri)
Message creation time
Replaced cache content Ci
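The interest handling (S1-1 to S1-6), the cache decision (S2-1 to S2-4) and the NUP handling (S3-3) described above, as an added Python model that is not part of the patent text. The class and field names, the content name `/D1`, the interface numbers and the Re values are constructed for illustration, and the threshold test is read as "num of User or interface count is at least k", which is an assumption about the wording of S2-3.

```python
from dataclasses import dataclass, field
from typing import Optional

LOCAL = 0  # Interface value 0 in the CST: content is held in the local CS


@dataclass
class CstEntry:
    u_set: set = field(default_factory=set)  # uSet: encrypted user tokens
    interface: Optional[int] = None          # None = "empty" (no data seen yet)
    neighbor: Optional[str] = None

    @property
    def u_req(self) -> int:                  # "num of User"
        return len(self.u_set)


class Router:
    def __init__(self, name, k, n_faces):
        self.name, self.k, self.n_faces = name, k, n_faces
        self.cs, self.cst, self.pit, self.fib = {}, {}, {}, {}
        self.nst = {}  # interface -> (neighbor name, cache replacement rate Re)

    def on_interest(self, name, token, in_face):
        """Steps S1-1..S1-6. Returns (action, faces)."""
        entry = self.cst.setdefault(name, CstEntry())  # S1-4: create record if absent
        entry.u_set.add(token)                         # S1-1: each token counted once
        if entry.interface == LOCAL:                   # S1-2: serve from the local CS
            return ("data", [in_face])
        if entry.interface is not None:                # S1-3: copy sits at a neighbor
            return ("forward", [entry.interface])
        if name in self.pit:                           # S1-5: aggregate pending request
            self.pit[name].add(in_face)
            return ("aggregate", [])
        faces = self.fib.get(name)                     # S1-6: FIB lookup
        if not faces:
            return ("drop", [])
        self.pit[name] = {in_face}
        return ("forward", list(faces))

    def on_data(self, name, data):
        """Steps S2-1..S2-4. Returns a list of (action, faces)."""
        if name in self.cs:                            # S2-1: already cached here
            return [("drop", [])]
        actions = []
        entry = self.cst.get(name)                     # S2-2: did a user ask here?
        if entry is not None:                          # S2-3
            # Assumed reading of "number of interfaces or num of User >= k".
            if entry.u_req >= self.k or self.n_faces >= self.k:
                self.cs[name] = data
                entry.interface, entry.neighbor = LOCAL, self.name
                actions.append(("cache_local", [LOCAL]))
            elif entry.interface is None and self.nst:
                # Anonymity set too small: place the copy at the neighbor
                # with the lowest advertised replacement rate.
                face = min(self.nst, key=lambda f: self.nst[f][1])
                entry.interface, entry.neighbor = face, self.nst[face][0]
                actions.append(("cache_at_neighbor", [face]))
        # S2-4: the worked example shows forwarding continuing after the decision.
        faces = self.pit.pop(name, None)
        actions.append(("forward", sorted(faces)) if faces else ("drop", []))
        return actions

    def on_nup(self, face, router, re_rate, replaced):
        """Step S3-3: refresh the NST and drop CST tuples for evicted content."""
        self.nst[face] = (router, re_rate)
        for name in replaced:
            entry = self.cst.get(name)
            # Assumption: only tuples pointing at this neighbor are deleted.
            if entry is not None and entry.interface == face:
                del self.cst[name]


def worked_example():
    """The k = 30 walk-through at R3; faces and Re values are constructed."""
    r3 = Router("R3", k=30, n_faces=3)
    r3.fib["/D1"] = [1]                                # producer reachable via face 1
    r3.nst = {1: ("R1", 0.40), 2: ("R2", 0.05), 3: ("R5", 0.30)}
    first = r3.on_interest("/D1", "tok0", in_face=3)   # arrives from R5
    for i in range(1, 10):                             # nine more distinct users
        r3.on_interest("/D1", f"tok{i}", in_face=3)
    decision = r3.on_data("/D1", b"payload")           # 10 users < k
    later = r3.on_interest("/D1", "tok10", in_face=3)  # now redirected to R2
    return r3, first, decision, later


if __name__ == "__main__":
    r3, first, decision, later = worked_example()
    print(first, decision, later, r3.cst["/D1"].neighbor)
```

With fewer than k requesters the copy never lands in R3's own CS, so a timing probe against R3 alone does not reveal that one of its users fetched the content.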
In this embodiment, when the data packet corresponding to the interest packet returns from the responding node along the original path, the caching decision is made only at the node where the user sent the request, so redundancy of cached content is effectively reduced while a high cache hit rate is maintained, the diversity of data in the network is improved, and the update frequency of cached content in the nodes is reduced. In addition, the neighbor node at which the data packet is cached is determined according to the nodes' cache replacement rate. Even if an attacker learns that the content has been accessed recently, the cache cooperation within the region means the attacker cannot deduce which user accessed the content through which router, so the attacker is prevented from probing the requester's private information and the requester's privacy is effectively protected. Moreover, the user anonymity area is expanded through neighbor cooperative caching to protect cache privacy: the router does not need to construct an anonymity area or search for data within one, which reduces the implementation difficulty of the anonymity area and the delay for local users to obtain data.
The above-mentioned embodiments are merely preferred embodiments of the present invention, and the scope of the present invention is not limited thereto, so that variations based on the shape and principle of the present invention should be covered within the scope of the present invention.

Claims (3)

1. A named data network privacy protection caching decision method based on k anonymity, characterized in that a content state table CST and a neighbor state table NST are added to a router node of the named data network and are used for counting the number of users requesting a content and recording the set of encrypted requesting users when an interest packet reaches the node;
when the router node receives the interest packet, it modifies the requesting-user count of the content in the content state table CST according to the content Cx and the encrypted user Uy;
when the data packet corresponding to the interest packet returns along the original path, the caching decision is made only at the node where the user sent the request, and neighbor cooperative caching is used to enlarge the anonymity set of accesses by means of the k-anonymity property;
when the original route of the data packet corresponding to the interest packet is returned, the cache decision step of the router node for receiving the data packet is as follows:
s2-1, when the data packet of Cx is in the return way, the data packet reaches a node Ri which sends a request Cx by a user, whether the CS has the data packet of Cx is searched, if yes, the data packet is directly discarded, and if not, the Cx is searched in CST;
s2-2, if Cx is found in CST, executing step S2-3; if Cx is not found in CST, executing step S2-4;
s2-3, judging whether the Interface is empty and whether the number of router interfaces or the number of users requested by the CST table num of users is more than or equal to a threshold k;
if the Interface is empty and the number of interfaces of the router or the number of users num of users requested by the CST table is greater than or equal to a threshold value k, the data packet copy is cached in the router Ri, the Interface of the CST table is updated to be 0, and the neighbor router is updated to be the router Ri;
if the Interface is empty and the number of router interfaces or the number of users num of users requested by the CST table is not more than or equal to a threshold value k, selecting a neighbor node Ri with the minimum cache replacement rate according to the NST, forwarding and caching the data packet copy to the Ri, and updating the selected neighbor Interface to the CST;
if the Interface is not empty and the number of interfaces of the router or the number of users num of users requested by the CST table is greater than or equal to a threshold value k, the data packet copy is cached in the router Ri, the Interface of the CST table is updated to be 0, and the neighbor router is updated to be the router Ri;
if the Interface is not empty and the number of router interfaces or the number of users num of users requested by the CST table is not greater than or equal to the threshold k, directly executing step S2-4;
s2-4, searching Cx in PIT table, if not found, discarding the data packet, if found, forwarding the data packet according to interface corresponding to Cx in PIT.
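The decision in steps S2-1 to S2-4 can be traced in code. This is an added example, not code from the patent: the class and field names, the encoding of Interface (None for empty, 0 for cached locally, otherwise a neighbor face number) and the reading of the threshold test as "either count reaches k" are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class CSTEntry:
    uset: set = field(default_factory=set)   # users who requested this content
    interface: object = None                 # assumed encoding: None / 0 / neighbor face

@dataclass
class Router:
    name: str
    k: int                                   # anonymity threshold
    num_faces: int                           # number of router interfaces
    cs: dict = field(default_factory=dict)   # content store: name -> data
    cst: dict = field(default_factory=dict)  # content state table: name -> CSTEntry
    pit: dict = field(default_factory=dict)  # pending interests: name -> set of faces
    nst: dict = field(default_factory=dict)  # neighbor face -> cache replacement rate

    def on_data(self, cx, data):
        """Steps S2-1 to S2-4 at the node where the user's request entered."""
        if cx in self.cs:                                   # S2-1: already cached
            return ("discard", None)
        entry = self.cst.get(cx)
        if entry is None:                                   # S2-2: not in CST
            return self._pit_forward(cx)
        # S2-3: assumed reading, either count reaching k passes the test
        if self.num_faces >= self.k or len(entry.uset) >= self.k:
            self.cs[cx] = data                              # cache locally
            entry.interface = 0
            return ("cache_local", self.name)
        if entry.interface is None and self.nst:
            face = min(self.nst, key=self.nst.get)          # lowest replacement rate
            entry.interface = face                          # copy is cached at that neighbor
            return ("cache_neighbor", face)
        # Interface already set and below k: the claim sends this case to S2-4.
        # (The claim does not state onward forwarding for the caching branches.)
        return self._pit_forward(cx)

    def _pit_forward(self, cx):                             # S2-4
        faces = self.pit.get(cx)
        return ("forward", sorted(faces)) if faces else ("discard", None)
```

With k = 3 and a single requester, the copy goes to the neighbor with the lowest replacement rate; only once three users are in the CST entry does the edge router cache the content itself, so a later cache hit cannot be tied to one user.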
2. The k-anonymity based named-data network privacy protection caching decision method according to claim 1, wherein when the router node receives the interest packet, the specific processing steps are as follows:
S1-1, the content state table CST is searched for content Cx; if it is not present, go to step S1-4; if it is present, the user set uSet of the content state table CST is searched for user Uy; if Uy is not present, Uy is added to the user set uSet of content Cx and the number of users is increased by 1; if Uy is present, go directly to step S1-2;
S1-2, the value of the Interface corresponding to content Cx in the CST is checked: if the Interface is empty, go to step S1-5; if the Interface is equal to 0, a data packet is returned to the user according to the content in the CS, and the process ends; if the Interface is neither empty nor zero, go to step S1-3;
S1-3, the interest packet is forwarded to the neighbor router according to the interface corresponding to content Cx in the CST, and the process ends;
S1-4, a record for content Cx is added to the CST, user Uy is added to the user set, and the number of requesting users is increased by 1;
S1-5, content Cx is looked up in the PIT; if it is found, the arrival interface of content Cx is added to the PIT, the interest packet is discarded, and the process ends; otherwise content Cx is looked up in the FIB;
S1-6, content Cx is looked up in the FIB; if it is found, the interest packet is forwarded according to the interface list found, and a new entry for the interest packet is added to the PIT; if it is not found in the FIB, the network cannot respond to the request, and the interest packet is discarded.
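The interest-side steps S1-1 to S1-6 are what build the anonymity set, so they are worth tracing too. This is an added example, not code from the patent: the function names, the dictionary layout, the Interface encoding (None for empty, 0 for cached locally, otherwise a neighbor face number) and the use of NDN-style longest-prefix matching for the FIB lookup are assumptions.

```python
def new_router(fib):
    # cs: name -> data; cst: name -> {"uset", "interface"}; pit: name -> set of faces
    return {"cs": {}, "cst": {}, "pit": {}, "fib": fib}

def longest_prefix_match(fib, name):
    """Return the face list of the longest FIB prefix covering `name`, or None."""
    parts = name.strip("/").split("/")
    for n in range(len(parts), 0, -1):
        faces = fib.get("/" + "/".join(parts[:n]))
        if faces:
            return faces
    return None

def on_interest(r, cx, user, in_face):
    """Steps S1-1 to S1-6. Returns (action, detail)."""
    entry = r["cst"].get(cx)
    if entry is None:                                    # S1-4: first request for cx
        r["cst"][cx] = {"uset": {user}, "interface": None}
    else:
        entry["uset"].add(user)                          # S1-1: no-op for a known user
        iface = entry["interface"]                       # S1-2
        if iface == 0:
            return ("reply_from_cs", r["cs"].get(cx))    # cached at this router
        if iface is not None:
            return ("forward_to_neighbor", iface)        # S1-3: copy held by a neighbor
    if cx in r["pit"]:                                   # S1-5: aggregate the request
        r["pit"][cx].add(in_face)
        return ("aggregated", None)
    faces = longest_prefix_match(r["fib"], cx)           # S1-6
    if not faces:
        return ("discard", None)                         # network cannot serve cx
    r["pit"][cx] = {in_face}
    return ("forward", faces)
```

The number of requesting users is taken as the size of `uset` rather than kept as a separate counter, which gives the same value because a user is only counted on first request.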
3. The k-anonymity-based named data network privacy protection caching decision method according to claim 1, wherein a router node in the named data network is provided with a neighbor update message NUP for periodically notifying local information to a neighbor router by the router, and the router node receiving the neighbor update message NUP updates information in the content state table CST and the neighbor information table NST according to the content of the neighbor update message NUP, and the specific steps are as follows:
S3-1, router Ri periodically calculates its cache replacement rate per unit time:
Figure FDA0002893409460000031
wherein S(fk) represents the size of the content fk replaced at node Ri, C(Ri) represents a node Ri, and m represents the number of contents replaced at node Ri per unit time; if Re(Ri) = 0, the node cache is not full or no new content has arrived;
S3-2, router Ri periodically advertises local information to its neighbor routers;
S3-3, after a neighbor router receives the update message, it updates the cache replacement rate of the corresponding router in its neighbor information table NST according to the message content; if its content state table CST contains the replaced cache content, the corresponding tuple is deleted from the CST.
CN201810381113.9A 2018-04-25 2018-04-25 Named data network privacy protection caching decision method based on k anonymity Expired - Fee Related CN109040163B (en)


Publications (2)

Publication Number Publication Date
CN109040163A (en) 2018-12-18
CN109040163B (en) 2021-03-30

Family

ID=64630219



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20210330