Exploiting Path Diversity for Thwarting Pollution Attacks in Named Data Networking

With information becoming a first-class citizen on the Internet, information-centric networking (ICN) is considered as a promising direction for the future Internet. Named data networking (NDN) is a prominent example of emerging ICN architectures. Unfortunately, NDN is vulnerable to various attacks targeting its in-network caching mechanism. In this paper, we focus on the false-locality pollution attack, in which an adversary repeatedly requests a number of unpopular data objects to waste the precious cache space on the NDN router and to reduce normal users' hit ratios. With simulation experiments, we show that such an attack can cause considerable damage to the NDN network. To detect and mitigate such an attack, we introduce an algorithm that exploits the diversity of the Interest traversing paths within an Internet service provider's point-of-presence network. We also propose inexpensive methodologies based on the probabilistic counting and Bloom filter techniques to implement the algorithm on an NDN router. The experimental results indicate that our proposed algorithm is effective in thwarting false-locality pollution. We also experiment with strategies that the adversary may utilize against our antipollution algorithm and demonstrate that such strategies are either ineffective or impractical in the real world.