KR101760603B1 - Trusted Based Method for Mitigation of Cache Poisoning and Apparatus Therefor - Google Patents

Publication number
KR101760603B1
Authority
KR
South Korea
Prior art keywords
content
specific content
value
reliability
peers
Prior art date
Application number
KR1020160014385A
Other languages
Korean (ko)
Inventor
제이납
오희국
Original Assignee
한양대학교 에리카산학협력단
Application filed by 한양대학교 에리카산학협력단
Priority to KR1020160014385A
Application granted
Publication of KR101760603B1

Classifications

    • H04L67/2842
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L67/2804
    • H04L67/2809

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A trust-based cache pollution mitigation method and apparatus are disclosed. A cache pollution mitigation method according to an embodiment of the present invention includes: calculating a credibility for each of the peers; calculating a trust value for specific content based on the credibility calculated for each of the peers associated with that content; and determining whether to store the specific content in the cache based on the calculated trust value. In the step of calculating the trust value, the trust value for the specific content may be calculated using the average credibility of the peers that transmitted the specific content, the popularity of the specific content, and negative feedback, which denotes Interest messages that include an exclusion field for the specific content.

Description

The present invention relates to a trust-based cache pollution mitigation method and apparatus.

The present invention relates to cache pollution mitigation techniques, and more particularly, to a method and apparatus that mitigate cache pollution on a trust basis in a network such as a content-centric network (CCN) to improve network efficiency.

People value the Internet for the content they are searching for, but communication is based on the location of the information.

The content-centric network (CCN) is a network architecture capable of replacing the current Internet architecture. The CCN uses named data for communication instead of location, and uses two packet types: the Interest packet and the Data packet.

The user broadcasts an Interest packet to request content, and a node that has the corresponding content replies with the Data packet corresponding to the Interest packet. An intervening router caches data in a content storage means, e.g., a buffer memory, and answers the requester based on the data stored in the cache. In the CCN, each router has three main components: a forwarding information base (FIB), a content storage means (e.g., content store or buffer memory) and a pending interest table (PIT).

When an intermediate router receives an Interest message, it checks its content store and, if the content store holds content satisfying the Interest message, returns that content to the requester. On the other hand, if the content store does not have content satisfying the Interest message, the intermediate router checks the PIT, and if there is a matching PIT entry, the arrival face of the Interest is added to the RequestingFaces list of the PIT entry and the Interest message is ignored.

If there is a matching FIB entry, the destination interface is removed from its face list, and if the resulting list is not empty, the message is sent over the remaining faces and a new PIT entry is created for the Interest.

If no FIB entry matches the Interest, the Interest is ignored, since the router cannot obtain the data.

In such networks, caching is an important factor for speeding up response times, reducing bandwidth usage and original server load, and cache pollution attacks are a factor in reducing network performance.

Thus, there is a need for a method for mitigating cache pollution in a network.

Embodiments of the present invention provide a method and apparatus that can improve network efficiency by mitigating cache pollution on a trust basis in a network such as a content-centric network (CCN).

A cache pollution mitigation method according to an embodiment of the present invention includes: calculating a credibility for each of the peers; calculating a trust value for specific content based on the credibility calculated for each of the peers associated with that content; and determining whether to store the specific content in the cache based on the calculated trust value.

The step of calculating the trust value for the specific content may calculate the trust value using the average credibility of the peers that transmitted the specific content, the popularity of the specific content, and negative feedback, which denotes Interest messages that include an exclusion field for the specific content.

The step of calculating the trust value for the specific content may take, as an optimal trust value, the trust value obtained when the difference between two consecutive trust values for the specific content is smaller than a predetermined value, and the step of determining may determine whether to store the specific content in the cache based on the calculated optimal trust value.

Further, the cache pollution mitigation method according to an embodiment of the present invention may further include updating the credibility of the peers that have transmitted the specific content using the trust value for the specific content.

The step of determining whether to store the specific content may determine to store the specific content in the cache when the trust value for the specific content is equal to or greater than a predetermined reference trust value.

The step of calculating the credibility may calculate the credibility of peers that transmitted content based on the average trust value of the content sent to the router, and the credibility of peers that transmitted Interest messages based on the amount of Interest messages transmitted.

A cache pollution mitigation apparatus according to an embodiment of the present invention includes: a calculation unit that calculates a credibility for each of the peers and calculates a trust value for specific content based on the credibility calculated for each of the peers associated with that content; and a determination unit that determines whether to store the specific content in the cache based on the calculated trust value.

The calculation unit may calculate the trust value for the specific content using the average credibility of the peers that transmitted the specific content, the popularity of the specific content, and negative feedback, which denotes Interest messages that include an exclusion field for the specific content.

The calculation unit may take, as an optimal trust value, the trust value obtained when the difference between two consecutive trust values for the specific content is smaller than a predetermined value, and the determination unit may determine whether to store the specific content in the cache based on the calculated optimal trust value.

Furthermore, the cache pollution mitigation apparatus according to an embodiment of the present invention may further include an update unit for updating the credibility of the peers that have transmitted the specific content using the trust value for the specific content.

The determination unit may determine to store the specific content in the cache when the trust value for the specific content is equal to or greater than a predetermined reference trust value.

The calculation unit may calculate the credibility of peers that transmitted content based on the average trust value of the content transmitted to the router, and the credibility of peers that transmitted Interest messages based on the amount of Interest messages transmitted.

According to embodiments of the present invention, network efficiency can be improved by mitigating cache pollution on a trust basis in a network such as a content-centric network (CCN).

According to the embodiments of the present invention, the method can be applied to a router, a mobile phone device, and an OBU (on-board unit) device to alleviate cache pollution.

According to embodiments of the present invention, cache pollution can be mitigated in other kinds of networks such as PTP, named data network (NDN), and vehicular ad hoc network (VANET).

According to embodiments of the present invention, since a user's request can be served from the cache of an intermediate router that holds valid content, the response time can be reduced and the bandwidth usage and the original server load can be greatly reduced.

FIG. 1 shows an operation flow chart for Algorithm 1 in the present invention.
FIG. 2 shows an operation flow chart for Algorithm 2 in the present invention.
FIG. 3 shows a time sequence diagram of the method according to the present invention.
FIG. 4 illustrates a configuration of a cache pollution mitigation apparatus according to an embodiment of the present invention.

Hereinafter, embodiments according to the present invention will be described in detail with reference to the accompanying drawings. However, the present invention is not limited to or limited by the embodiments. In addition, the same reference numerals shown in the drawings denote the same members.

When Internet users request data, the server queries the database to look up the requested data, and then the data can be cached in an intervening router to improve the response time of the request. However, cache pollution attacks can reduce the performance of network and stored data.

There are two solutions to the cache pollution problem. The first solution is to use cryptographic methods to identify valid content and remove invalid content from memory. The second solution is to use a trust-based technique instead of a cryptographic one; with it, trust management is not required and the amount of computation can be reduced compared with the cryptographic technique.

Accordingly, the present invention uses a trust-based approach that not only mitigates cache pollution but also gives users an incentive to exchange valid content.

The notation used in the present invention and a description thereof are shown in Table 1 below.

Symbol / Explanation

Figure 112016012381545-pat00001
The popularity of content c at router u in the recent time window wt
Figure 112016012381545-pat00002
The total number of content messages that router u received in the recent time window wt
Figure 112016012381545-pat00003
The total number of Interest messages that router u received in the recent time window wt
Figure 112016012381545-pat00004
The amount of negative feedback for content c in the recent time window wt
Figure 112016012381545-pat00005
The number of contents that peer j sent to router u in the recent time window wt
Figure 112016012381545-pat00006
The number of peers that sent content c in the recent time window wt
Figure 112016012381545-pat00007
The ratio of the popularity of content c received by router u to the total popularity of all content in the recent time window wt
Figure 112016012381545-pat00008
The credibility of peer j at router u in the recent time window wt
Figure 112016012381545-pat00009
The credibility of peer j that transmitted a content message to router u in the recent time window wt
Figure 112016012381545-pat00010
The credibility of peer j that transmitted an Interest message to router u in the recent time window wt
Figure 112016012381545-pat00011
The j-th peer of router u
Figure 112016012381545-pat00012
The trust value for content c at router u in the recent time window wt
Figure 112016012381545-pat00013
The trust value of the c-th content transmitted to router u by peer j in the recent time window wt
Figure 112016012381545-pat00014
The default value for the credibility of peers, which is between zero and one
Figure 112016012381545-pat00015
Recent time window

The initialization process will be described as follows.

1) Uniform and Zipf-like request distributions are detected so that uniform traffic can be filtered. The variance of the incoming request distribution from the other interfaces can be computed to detect a distributed attack, in which case the variance can be zero.

2) The total number of Interest messages that the peer Pu(j) transmits to the router u may be counted from the time from when the peer receives the reliability of the content message transmitted from the start of the Interest message transmission.

3) Estimate the total number of messages nIu (p (j)) of the jth peer. All calculations are made in time window wt. The window size may be slid according to a schedule time and the slide time may be updated based on the length of the window after t seconds of the received packet or last cache update and depending on the router policy.

4) In this topology, there are two kinds of routers: edge routers and intermediate routers (or core routers). Routers respond to or store the peers' requests (Interest messages) with a probability.

This probability is equal to the credibility cr(p(j), u) of the peer. This behavior gives users connected to the edge router an incentive to build up their trust by exchanging trusted content.

5) The router considers the default value e_d for the reliability of the peers. In the second algorithm described below, a default trust value T_default may be considered for each piece of content.

6) When an Interest message i for a given content c is accepted from a peer, the popularity of that content may be increased, depending on the trust of the peer. If the request accepted for a particular content includes an exclusion field, it is considered negative feedback and the negative feedback amount nf_u(c) is increased. For the trust value, the exponential function e^(-nf_u(c)) of the negative feedback can be used so that negative feedback weighs more heavily than popularity.

Hereinafter, an algorithm 1 for calculating a trust value of content and an algorithm 2 for calculating an optimal trust value will be described with respect to the present invention.

Fig. 1 shows an operation flow chart for the algorithm 1 in the present invention. The algorithm 1 will be described with reference to Fig. 1.

Algorithm 1 is an algorithm for calculating the trust value of the content, all the second time windows are slid, and the procedure is performed during that time window.

The update of the trust value is scheduled (1), and for all the peers of the router u that do not transmit content, the reliability is calculated as shown in Equation (1) below.

[Equation 1]

Figure 112016012381545-pat00016

Further, the reliability of the peers transmitting content can be calculated based on the average trust value of the content c transmitted to the router, and the reliability of the peers transmitting Interest messages can be calculated based on the amount of Interest messages transmitted.

For all content, the following process is performed for every Interest packet received for the content in the time window wt.

When the Interest packet for the content c does not include an exclusion field, Equation (2) below is applied.

[Equation 2]

Figure 112016012381545-pat00017

As can be seen from Equation (2), when the Interest packet for the content c does not include an exclusion field, the popularity of the content c is updated using the calculated reliability, and the updated popularity is then used to calculate the ratio of the popularity of the content c to the total popularity of all content.

On the other hand, if the Interest packet for the content c includes an exclusion field, that is, in the case of negative feedback, the amount of negative feedback is updated using Equation (3) below.

[Equation 3]

Figure 112016012381545-pat00018

That is, when the Interest packet for the content c includes an exclusion field, the amount of negative feedback is updated using the reliability of the peer j that transmitted the Interest message to the router u in the time window wt.

The trust value for the content c can be calculated as shown in Equation (4) below.

[Equation 4]

Figure 112016012381545-pat00019

As can be seen from Equation (4), the trust value for the content c may be computed using the sum of the reliabilities of the peers that transmitted the content c, the ratio of the popularity of the content to the total popularity of the entire content, the amount of negative feedback for the content c, and the number of peers that have transmitted the content c.

Specifically, the reliability of the peers that transmitted the content c is used to calculate the average reliability ((3)-i), the negative feedback for the content c is calculated using the reliability associated with Interest messages for the content c that include the exclusion field ((3)-ii), the popularity of the content c is calculated using the reliability associated with Interest messages for the content c that do not include the exclusion field ((3)-iii), and the trust value of the content c is then calculated from these values.

After the trust value for the given content, for example the content c, has been calculated through the above process, it is determined whether to cache or drop the content (5). If it is determined to store the content, the router stores the content with a probability equal to the trust value.

Here, the router may determine to store the content in the cache when the trust value for the content is equal to or greater than a predetermined reference trust value, and when the content is stored in the cache in the cache, Or may be a trust value set by the provider providing the technology if the content is not stored in the cache in the cache.

After calculating the trust value for a given content, the router stores the content with the same probability as the trust value.

Accordingly, the reliability of the peers transmitting the content can be updated according to the calculated confidence value as shown in Equation (5) below.

[Equation 5]

Figure 112016012381545-pat00020

As can be seen from Equation (5), the reliability of the peer that transmitted the message for the content c can be updated based on the trust value calculated for the content c. Specifically, the reliability of the peer can be updated using the sum of the trust values of the contents transmitted from the peer and the number of content messages transmitted from the peer.

Fig. 2 shows an operation flow chart for the algorithm 2 in the present invention. The algorithm 2 will be described with reference to Fig. 2.

Algorithm 2 calculates the optimal trust value of the content c. Since the final decision is based on the trust value, and the trust value is calculated from reliabilities that are themselves updated according to the trust value, the optimal value can be calculated recursively.

Every second time window is slid, and the procedure is performed during that time window.

The update of the trust value is scheduled (1), and for all the peers of the router u that do not transmit content, the reliability is calculated using Equation (6) below.

[Equation 6]

Figure 112016012381545-pat00021

Further, the reliability of the peers transmitting content can be calculated based on the average trust value of the content c transmitted to the router, and the reliability of the peers transmitting Interest messages can be calculated based on the amount of Interest messages transmitted.

In order to calculate the optimal trust value for all the contents, the trust value for the content c is set to a default value T_default as shown in Equation (7) below.

[Equation 7]

Figure 112016012381545-pat00022

Then, the following process is performed for every Interest packet received for the content in the time window wt.

If the Interest packet for the content c does not include an exclusion field, Equation (8) below is applied.

[Equation 8]

Figure 112016012381545-pat00023

As can be seen from Equation (8), when the Interest packet for the content c does not include an exclusion field, the popularity of the content c is updated using the calculated reliability, and the updated popularity is then used to calculate the ratio of the popularity of the content c to the total popularity of all content.

On the other hand, if the Interest packet for the content c includes an exclusion field, that is, in the case of negative feedback, the amount of negative feedback is updated using Equation (9) below.

[Equation 9]

Figure 112016012381545-pat00024

That is, when the Interest packet for the content c includes an exclusion field, the amount of negative feedback is updated using the reliability of the peer j that transmitted the Interest message to the router u in the time window wt.

In order to calculate the optimal trust value for the content c, a trust value is calculated for each value of k as shown in Equation (10) below (4).

[Equation 10]

Figure 112016012381545-pat00025

Here, k is an integer that starts at 0 and increases by 1, and the trust value calculated for the current value of k becomes the trust value for the content c. That is, T_u(c)_0, T_u(c)_1, and T_u(c)_2 are calculated recursively while k is increased by 1.

As can be seen from Equation (10), the trust value for the content c at the value k may be computed using the sum of the reliabilities of the peers that transmitted the content c, the ratio of the popularity of the content to the total popularity of the entire content, the amount of negative feedback for the content c, and the number of peers that transmitted the content c.

Specifically, the reliability of the peers that transmitted the content c is used to calculate the average reliability ((3)-i), the negative feedback for the content c is calculated using the reliability associated with Interest messages for the content c that include the exclusion field ((3)-ii), the popularity of the content c is calculated using the reliability associated with Interest messages for the content c that do not include the exclusion field ((3)-iii), and the trust value of the content c at the value k is then calculated from these values.

Accordingly, the reliability of the peers transmitting the content can be updated according to the calculated confidence value as shown in Equation (11) below.

[Equation 11]

Figure 112016012381545-pat00026

Here, δ is the difference between two consecutive trust values for the content c; k is increased by 1 and the calculation is performed recursively until δ is smaller than a predetermined constant value.

That is, the process from Equation (8) to Equation (11) is performed recursively while the value k is increased by 1 until δ becomes smaller than a predetermined constant value, and once δ is smaller than the predetermined constant value, the final value can be determined as the optimal trust value (7, 8). The optimal trust value can be defined as the probability of the content being cached on the router.

After the optimal trust value for the given content, for example the content c, has been calculated through the above process, it is determined whether to cache or drop the content (9). If it is determined to store the content, the router stores the content with a probability equal to the trust value.

Here, the router may determine to store the content in the cache when the trust value for the content is equal to or greater than a predetermined reference trust value, and when the content is stored in the cache in the cache, Or may be a trust value set by the provider providing the technology if the content is not stored in the cache in the cache.

After calculating the trust value for a given content, the router stores the content with the same probability as the trust value.

Once the final trust value for the corresponding content is determined in step (9), the reliability of the peers transmitting the content is updated based on that final trust value (10).

The trust-based cache pollution mitigation method according to the embodiment of the present invention will be described using the above-described algorithm 1 and algorithm 2 as follows.

The trust-based cache pollution mitigation method according to the embodiment of the present invention can be implemented in other kinds of networks, specifically, in the CCN.

The method according to the present invention can be performed using three DBs: the PIT, the cache memory, and the cache reliability DB.

1. Update the trust value function at schedule time. The time to update is defined based on the received packet or t seconds after the last cache updating. This means that if the router receives a packet within the t second interval of the last update, the router updates the cache at the time of the received packet and updates the value after t seconds if the router does not receive any packets during this time. That is, if a packet is received within t seconds of the last cache update, the cache is updated at the time of reception, otherwise, the cache is updated after t seconds. If the cache is full, the content having the smallest confidence value among the contents stored in the cache can be removed. The scheduling time function can obtain the information of the received message from the PIT and the cache memory DB.

2. Cache reliability can be updated according to the content messages and the Interest messages transmitted by the peers. Within every time window, the credibility cr(p(j), u) of the peers can be computed according to the following policy.

2.1 The reliability of the peers that transmitted the content can be recalculated based on the average trust value for the content sent to the router.

2.2 The reliability of a peer that transmitted only Interest messages can be reduced according to how many Interest messages it transmitted.

2.3 The reliability of peers that send neither Interest messages nor content messages can be considered to be a preset default value.

3. Depending on the scheduling time function, the time window may be slid and, for certain content, the average reliability, popularity, and amount of negative feedback of the peers that transmitted the content c may be calculated. That is, old messages are removed and newly accepted messages can be added to compute these values.

3.1 The average reliability of the peers that transmitted this content can be calculated from this function. If the given content is received from other peers that have not previously transmitted it, the number of peers that transmitted that content, np_u(c), may increase.

3.2 The default value for feedback is considered zero, which means positive feedback, and the router considers it negative feedback whenever it receives an Interest message containing an exclusion field for content c. nf_u(c) may be increased based on the reliability of the peer that transmitted this feedback.

3.3 The default value for popularity is taken to be zero, and the router increases the popularity based on the trustworthiness of the peer that sent the message when it receives an Interest message for content c.

4. For content c in the time window wt, a trust value can be computed based on the popularity, the negative feedback, and the average reliability of the peers that transmitted the content. After this step, step 7 of algorithm 2 can be performed.

5. For Algorithm 1, the router decides whether to cache or drop the packet based on the trust value calculated in Step 4. If it is determined that the content is to be cached, it is stored in the cache memory DB, and the determination as to whether or not the cache is to be dropped can be made in step 7 of the algorithm 2 described above.

6. The reliability of the peers that transmitted this content can be updated according to the trust value and returns to step 1.

7. In algorithm 2, the trust value can be calculated recursively until the difference (delta) between two consecutive trust values for a given piece of content is less than a constant value. If this condition is satisfied, step 9 is performed, otherwise step 8 is performed.

8. The router updates the credibility cr (j, u, c) of the peer that transmitted the given content, according to the trust value calculated in step 7. The updated value may be inserted into the cache reliability DB to recalculate the confidence value for a given piece of content. Therefore, step 3 of algorithm 2 is performed after the step.

9. In algorithm 2, the router decides whether to store or drop the content based on the last value of the confidence value for the given content, i.e., the optimal confidence value. If the router decides to cache the content, the router stores the content in the cache memory DB.

10. The router updates the reliability of the peers that transmitted the content, and inserts these values into the DB associated with the reliability of the peers. Then, it returns to Step 1 of Algorithm 2.
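
The procedure in steps 1 to 10, as an added Python example that is not part of the patent: the equation images are not reproduced on this page, so the combining function in `trust()`, the constants, and the constructed peer and content names are all assumptions. Peers that only send Interest messages keep the default credibility here (step 2.2 is not modelled).

```python
import math
from collections import defaultdict

# All constants are assumptions; the page only says e_d lies between 0 and 1.
E_D = 0.5        # default peer credibility e_d
T_DEFAULT = 0.5  # default trust value T_default used to start Algorithm 2
T_REF = 0.25     # reference trust value for the cache decision
ALPHA = 0.5      # weight of sender credibility vs. popularity (stand-in formula)


class TrustRouter:
    """Per-window trust state of one router u (constructed model)."""

    def __init__(self):
        self.cred = defaultdict(lambda: E_D)  # cr(p(j), u), default e_d
        self.senders = defaultdict(set)       # content -> peers that sent it
        self.interests = []                   # (peer, content, has_exclude)

    def on_content(self, peer, content):
        self.senders[content].add(peer)

    def on_interest(self, peer, content, has_exclude=False):
        self.interests.append((peer, content, has_exclude))

    def _window_stats(self):
        """Credibility-weighted popularity and negative feedback per content."""
        pop, nf = defaultdict(float), defaultdict(float)
        for peer, content, has_exclude in self.interests:
            target = nf if has_exclude else pop
            target[content] += self.cred[peer]
        return pop, nf

    def trust(self, content):
        """One pass (Algorithm 1 style) with the assumed combining function."""
        pop, nf = self._window_stats()
        total = sum(pop.values())
        ratio = pop[content] / total if total else 0.0
        peers = self.senders.get(content, ())
        avg = sum(self.cred[p] for p in peers) / len(peers) if peers else E_D
        # Negative feedback enters through e^(-nf), as the page describes.
        return math.exp(-nf[content]) * (ALPHA * avg + (1 - ALPHA) * ratio)

    def update_sender_cred(self, trust_by_content):
        """A sender's credibility becomes the mean trust of what it sent."""
        sent = defaultdict(list)
        for content, peers in self.senders.items():
            for peer in peers:
                sent[peer].append(trust_by_content[content])
        for peer, values in sent.items():
            self.cred[peer] = sum(values) / len(values)

    def optimal_trust(self, eps=1e-4, max_iter=1000):
        """Algorithm 2 style: repeat until delta between passes is below eps."""
        trust = {c: T_DEFAULT for c in self.senders}
        for _ in range(max_iter):
            new = {c: self.trust(c) for c in self.senders}
            self.update_sender_cred(new)
            delta = max((abs(new[c] - trust[c]) for c in new), default=0.0)
            trust = new
            if delta < eps:
                break
        return trust


def should_cache(trust_value):
    """Threshold form of the cache decision (steps 5 and 9)."""
    return trust_value >= T_REF


def build_window():
    """Constructed traffic for one time window wt."""
    r = TrustRouter()
    r.on_content("origin", "/video/a")
    r.on_content("peer-x", "/junk/x")
    for user in ("u1", "u2", "u3"):
        r.on_interest(user, "/video/a")
    for _ in range(6):             # peer-x requests its own content repeatedly
        r.on_interest("peer-x", "/junk/x")
    for user in ("u1", "u2"):      # failed verification -> exclusion field
        r.on_interest(user, "/junk/x", has_exclude=True)
    return r


if __name__ == "__main__":
    router = build_window()
    for name in ("/video/a", "/junk/x"):
        print("single pass", name, round(router.trust(name), 4))
    for name, t in router.optimal_trust().items():
        print("optimal", name, round(t, 4), "cache" if should_cache(t) else "drop")
```

With this stand-in formula, the repeated iteration drives the credibility of the peer behind the excluded content toward zero, which in turn shrinks the popularity its own Interest messages can contribute.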

FIG. 3 shows a time sequence diagram of the method according to the present invention. The time sequence diagram is as follows.

1. A user sends an interest message y requesting a content c to a router.

2. The router decides whether to accept or drop the Interest message according to the user's credibility. If the router decides to drop the Interest message, the process ends.

3. After accepting the Interest message, the router responds to the user with the content message c if the content is present in the cache.

4. On the other hand, if the router does not have the content, the router forwards the message to the service provider.

5. The service provider sends the corresponding content message c to the router.

6. Depending on the content's trust value, the router decides whether to cache or drop. If the router decides to drop the content, the process is reinitialized from the first step.

7. If the router decides to store the content, it sends the content message c to the user.

8. If the user does not verify the content c, it sends an interest message with an exclude field back to the router, which takes the message as negative feedback.

FIG. 4 illustrates a configuration of a cache pollution mitigation apparatus according to an embodiment of the present invention, illustrating a configuration of an apparatus for performing the operations of FIGS. 1 to 3 described above.

The apparatus shown in Fig. 4 can be mounted in a device for alleviating cache pollution, for example, a router or the like.

Referring to FIG. 4, the cache pollution mitigation apparatus 400 according to the present invention includes a calculation unit 410, a determination unit 420, and an update unit 430.

The calculation unit 410 calculates a credibility for each of the peers and calculates a trusted value for the specific content based on the reliability calculated for each of the peers associated with the specific content.

At this time, the calculation unit 410 can calculate the reliability for all the peers of the router that does not transmit the content, and can use the reliability of the peers transmitting the specific content, the popularity of the specific content, and the negative feedback for an interest message that includes an exclusion field for the content to calculate a confidence value for the specific content.

Further, the calculation unit 410 may calculate a confidence value as an optimal trust value when the difference between two intermittent trust values for the specific content is smaller than a predetermined value. That is, the calculation unit can calculate the optimal trust value using the recursive solution.

The calculation unit 410 calculates the reliability for the peers transmitting the content based on the average reliability value for the content transmitted to the router, and can calculate the reliability of the peers transmitting the interest message based on the amount of transmission of the interest message.

The calculation unit 410 calculates the average reliability using the reliability of the peers that have transmitted the content, calculates the negative feedback of the content using the reliability of the content including the excluded field, and can use the reliability of the content that does not include the excluded field to calculate the popularity of the content.

The determination unit 420 determines whether to store the specific content in the cache based on the calculated trust value for the specific content.

At this time, the determination unit 420 may determine to store the specific content in the cache when the trust value for the specific content is equal to or greater than a predetermined reference trust value.

Here, the reference trust value may be the lowest trust value among the trust values of the contents stored in the cache when content is stored in the cache, and may be the trust value set by the provider providing the technology when content is not stored in the cache.

The update unit 430 updates the reliability of the peers that have transmitted the specific content using the trust value for the specific content.

At this time, the update unit 430 may update the popularity of the content based on the reliability calculated for the peers, and may update the amount of negative feedback using the reliability of the peer that transmitted the inter-message.

At this time, the update unit 430 can update the cache after t seconds of the received packet or the last cache update, and if the cache is full, the content having the smallest trust value among the contents stored in the cache is removed and the cache may be updated.
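The interest handling of FIG. 3 together with the determination unit 420 and update unit 430 can be sketched as follows. This is an added example, not code from the patent: the class and method names, the user-credibility cut-off and the trust values passed in are assumptions, and the reference trust rule is read literally (the lowest cached trust value as soon as anything is cached, the provider-set value otherwise).

```python
# Added illustration of FIG. 3 and units 420/430. Thresholds, names and the
# trust values passed in are assumptions; the trust computation is out of scope.
class TrustRouter:
    def __init__(self, capacity, provider_threshold, min_user_credibility=0.3):
        self.capacity = capacity
        self.provider_threshold = provider_threshold      # reference trust, empty cache
        self.min_user_credibility = min_user_credibility  # assumed cut-off for step 2
        self.cache = {}              # content name -> trust value
        self.popularity = {}         # name -> credibility-weighted plain interests
        self.negative_feedback = {}  # name -> credibility-weighted exclude interests

    def reference_trust(self):
        """Lowest trust among cached content, or the provider-set value if none."""
        return min(self.cache.values()) if self.cache else self.provider_threshold

    def admit(self, name, trust):
        """Cache only if trust >= reference trust; evict the least trusted when full."""
        if trust < self.reference_trust():
            return False
        if name not in self.cache and len(self.cache) >= self.capacity:
            del self.cache[min(self.cache, key=self.cache.get)]
        self.cache[name] = trust
        return True

    def on_interest(self, name, user_credibility, exclude=False, fetched_trust=0.0):
        """Handle one interest; fetched_trust is the trust of the provider's reply."""
        if user_credibility < self.min_user_credibility:
            return "dropped"                                  # step 2
        if exclude:                                           # step 8
            self.negative_feedback[name] = (
                self.negative_feedback.get(name, 0.0) + user_credibility)
            return "negative-feedback"
        self.popularity[name] = self.popularity.get(name, 0.0) + user_credibility
        if name in self.cache:
            return "hit"                                      # step 3
        # Steps 4-6: forwarded to the provider, then the reply is judged.
        return "cached" if self.admit(name, fetched_trust) else "not-cached"


def demo():
    """Constructed interest sequence against a two-slot cache."""
    router = TrustRouter(capacity=2, provider_threshold=0.5)
    events = [("/a", 0.9, False, 0.6), ("/b", 0.8, False, 0.8), ("/a", 0.7, False, 0.0),
              ("/c", 0.9, False, 0.7), ("/d", 0.9, False, 0.65), ("/e", 0.1, False, 0.9),
              ("/c", 0.6, True, 0.0)]
    results = [router.on_interest(*event) for event in events]
    return results, router
```

In the constructed sequence, `/c` displaces the least trusted entry `/a` once the cache is full, and `/d` is refused because its trust value is below the lowest value still cached.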

Of course, the apparatus according to the present invention can perform various functions described in Figs.

The system or apparatus described above may be implemented as a hardware component, a software component, and/or a combination of hardware components and software components. For example, the systems, devices, and components described in the embodiments may be implemented in various forms such as, for example, a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable array, a programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to execution of the software. For ease of understanding, the processing apparatus may be described as being used singly, but those skilled in the art will recognize that the processing apparatus may have a plurality of processing elements and / As shown in FIG. For example, the processing unit may comprise a plurality of processors or one processor and one controller. Other processing configurations are also possible, such as a parallel processor.

The software may include a computer program, code, instructions, or a combination of one or more of the foregoing, and may configure the processing device to operate as desired or command the processing device collectively. The software and/or data may be embodied in any type of machine, component, physical device, virtual equipment, computer storage medium, or device, or may be permanently or temporarily embodied in a transmitted signal wave. The software may be distributed over a networked computer system and stored or executed in a distributed manner. The software and data may be stored on one or more computer readable recording media.

The method according to embodiments may be implemented in the form of a program instruction that may be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions to be recorded on the medium may be those specially designed and configured for the embodiments or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magneto-optical media; and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. For example, it is to be understood that the techniques described may be performed in a different order than the described methods, and/or that components of the described systems, structures, devices, circuits, or equivalents, even if it is replaced or replaced.

Therefore, other implementations, other embodiments, and equivalents to the claims are also within the scope of the following claims.

Claims (12)

1. Computing credibility for each of the peers;
Calculating a trusted value for the particular content based on the calculated confidence for each of the peers associated with the particular content; and
Determining whether to store the specific content in the cache based on the calculated confidence value,
And updating the popularity of the specific content based on the calculated reliability when the exclusion field is not included in the specific content, updating the popularity of the specific content and the overall popularity of the entire content using the updated popularity of the specific content, and updating an amount of negative feedback indicating an interest message including an exclusion field for the specific content when the specific content includes an exclusion field for the specific content
Further comprising:
The step of calculating a confidence value for the particular content
Using the sum of the reliability of the peers that transmitted the specific content, the calculated popularity of the specific content, the ratio of the total content to the total popularity, the amount of negative feedback to the specific content, and the number of peers that transmitted the specific content to calculate a confidence value for the particular content.

2. (deleted)

3. The method according to claim 1,
The step of calculating a confidence value for the particular content
Calculating a trust value when the difference between two intermittent trust values for the specific content is smaller than a predetermined value as an optimal trust value,
The step of determining whether to store the specific content
And determining whether to store the specific content in the cache based on the calculated optimal trust value.

4. The method according to claim 1,
Updating the reliability for the peers that have transmitted the specific content using the trust value for the specific content.

5. The method according to claim 1,
The step of determining whether to store the specific content
Determining to store the specific content in the cache when the confidence value for the specific content is greater than or equal to a predetermined reference trust value.

6. The method according to claim 1,
The step of calculating the reliability
The reliability of the peers transmitting the content is calculated based on the average reliability value for the content transmitted to the router,
Wherein reliability for the peers that transmit the interest message is calculated based on the amount of transmission of the interest message.

7. A calculation unit for calculating a credibility for each of the peers and calculating a trusted value for the specific content based on the reliability calculated for each of the peers associated with the specific content; and
Determining whether to store the specific content in the cache based on the calculated confidence value;
And updates the popularity of the specific content based on the calculated reliability when the exclusion field is not included in the specific content, and updates the popularity of the specific content and the overall popularity of the entire content using the updated popularity of the specific content, and updates the amount of negative feedback indicating an interest message including an exclusion field for the specific content when the specific content includes an exclusion field for the specific content.
Further comprising:
The calculation unit
Using the sum of the reliability of the peers that transmitted the specific content, the calculated popularity of the specific content, the ratio of the total content to the total popularity, the amount of negative feedback to the specific content, and the number of peers that transmitted the specific content to calculate a confidence value for the specific content.

8. (deleted)

9. The method of claim 7,
The calculation unit
Calculating a trust value when the difference between two intermittent trust values for the specific content is smaller than a predetermined value as an optimal trust value,
The determination unit
And determines whether to store the specific content in the cache based on the calculated optimal trust value.

10. The method of claim 7,
The update unit
Wherein the reliability of the specific content is updated using the confidence value for the specific content.

11. The method of claim 7,
The determination unit
And to store the specific content in the cache when the confidence value for the specific content is equal to or greater than a predetermined reference trust value.

12. The method of claim 7,
The calculation unit
The reliability of the peers transmitting the content is calculated based on the average reliability value for the content transmitted to the router,
Wherein reliability for the peers that transmit the interest message is calculated based on the amount of transmission of the interest message.

KR1020160014385A 2016-02-04 2016-02-04 Trusted Based Method for Mitigation of Cache Poisoning and Apparatus Therefor KR101760603B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160014385A KR101760603B1 (en) 2016-02-04 2016-02-04 Trusted Based Method for Mitigation of Cache Poisoning and Apparatus Therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160014385A KR101760603B1 (en) 2016-02-04 2016-02-04 Trusted Based Method for Mitigation of Cache Poisoning and Apparatus Therefor

Publications (1)

Publication Number Publication Date
KR101760603B1 true KR101760603B1 (en) 2017-07-24

Family

ID=59429299

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160014385A KR101760603B1 (en) 2016-02-04 2016-02-04 Trusted Based Method for Mitigation of Cache Poisoning and Apparatus Therefor

Country Status (1)

Country Link
KR (1) KR101760603B1 (en)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
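Paper (Zeinab Rezaeifar et al., "Optimizing Reputation-Based Trust Method against Cache Poisoning in Name Data Networking," Proceedings of the Korea Institute of Information Security and Cryptology Yeongnam Branch Conference, 2016. 01.)*
Paper (Zeinab Rezaeifar et al., "Trusted-Based Method for Mitigating Cache Poisoning in CCN," Proceedings of the Korea Institute of Information Security and Cryptology Winter Conference, 2015.12.)*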


Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant