{"title":"An efficient caching security approach for content‐centric mobile networks in internet of things systems","authors":"Zhuang Du, M. Obaidat, Guowei Wu, K. Hsiao","doi":"10.1002/spy2.294","DOIUrl":null,"url":null,"abstract":"With the expansion of internet of things (IoT), the IP‐based network architecture has been difficult to support the development of IoT. Content‐centric mobile networking (CCMN) models are based on naming the content to get rid of address‐space scarcity, caching the content at intermediate nodes to provide efficient data delivery, which can solve the development bottleneck of IoT. The in‐network caching is a key factor to enable practical deployments of CCMN. And it is also subject to serious security threats of cache pollution attacks (CPA), which can tamper the distribution of content and reduce the advantages of built‐in cache. In addition, the identity and trust mechanism of mobile devices are also important factors hindering the deployment of CCMN. However, existing caching security mechanisms cannot be applied directly, because the features of the built‐in cache, including ubiquity, mobility, and heterogeneity, bring new challenges on designing the caching security mechanism against CPA. In this article, we propose a lightweight CPA detection and defense approach for CCMN. We first model the attack and defense process of CPA as a dynamic game, which can optimize the performance of the attack detection. Then, we adopt popularity analysis to detect CPA, and accurately estimate the current network and attack state by a logical regression algorithm. Our design can also intelligently maintain the identity and trust mechanism. Finally, we design a punishment mechanism to deal with the attackers. Extensive simulations demonstrate that our approach can detect CPA efficiently, mitigate the impact of CPA effectively. Our game model can reduce the impact of locality‐disruption attack and false‐locality attack by 60% and 30%, respectively, compared with the state‐of‐the‐art methods. When the game reaches Nash equilibrium, our model can reduce the impact of CPA on cache hit ratio by 55% on average.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2023-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.294","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
With the expansion of internet of things (IoT), the IP‐based network architecture has been difficult to support the development of IoT. Content‐centric mobile networking (CCMN) models are based on naming the content to get rid of address‐space scarcity, caching the content at intermediate nodes to provide efficient data delivery, which can solve the development bottleneck of IoT. The in‐network caching is a key factor to enable practical deployments of CCMN. And it is also subject to serious security threats of cache pollution attacks (CPA), which can tamper the distribution of content and reduce the advantages of built‐in cache. In addition, the identity and trust mechanism of mobile devices are also important factors hindering the deployment of CCMN. However, existing caching security mechanisms cannot be applied directly, because the features of the built‐in cache, including ubiquity, mobility, and heterogeneity, bring new challenges on designing the caching security mechanism against CPA. In this article, we propose a lightweight CPA detection and defense approach for CCMN. We first model the attack and defense process of CPA as a dynamic game, which can optimize the performance of the attack detection. Then, we adopt popularity analysis to detect CPA, and accurately estimate the current network and attack state by a logical regression algorithm. Our design can also intelligently maintain the identity and trust mechanism. Finally, we design a punishment mechanism to deal with the attackers. Extensive simulations demonstrate that our approach can detect CPA efficiently, mitigate the impact of CPA effectively. Our game model can reduce the impact of locality‐disruption attack and false‐locality attack by 60% and 30%, respectively, compared with the state‐of‐the‐art methods. When the game reaches Nash equilibrium, our model can reduce the impact of CPA on cache hit ratio by 55% on average.