A Detection Mechanism for Cache Pollution Attack in Named Data Network Architecture

Basic Named Data Networks (NDN) security mechanisms, rely on two main key features. The first one is the caching mechanism where it manages to minimize both the bandwidth usage and the data retrieval delay all along with congestion avoidance by storing, in the intermediate routers, the contents recently demanded to quickly serve future consumers' requests. The second key feature is the NDN security which stands on its foundation by signing each Data as soon as it released by the Producer and gets verified by each requesting consumer so that it makes it resilient to most attacks that affect the integrity of such content and the privacy of its end points. However, the availability of the Data in the cache of the CS allows the malicious consumers to perform several attacks such as Cache Pollution Attack (CPA) which is easy to implement and extremely effective. As a result, it makes the data on the cache unavailable for legitimate consumers and increases its retrieval delay. In this paper, we propose a new detection mechanism of CPA called ICAN (Intrusion detection system for CPA attack in NDN architecture) based on several metrics such as Average Cache Hit Ratio, Average Interest Inter-Arrival Time, Hop Count and Prefix variation. We assess by simulation, using the NDNSim framework, the efficiency of our mechanism and the choice of the used parameters. Finally, we elaborate a qualitative comparison between our proposed solution and the state-of-the-art mechanisms.