A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist
Standalone Name Resolution (SNR) is an essential component of many Information-Centric Networking (ICN) infrastructures that maps and stores the mappings of IDs and locators. The delivery of data can be realized only when the name resolution process is completed correctly. It also makes the SNR beco...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2021-10-01
|
Series: | Future Internet |
Subjects: | |
Online Access: | https://www.mdpi.com/1999-5903/13/10/262 |
_version_ | 1797514548434960384 |
---|---|
author | Jia Shi Xuewen Zeng Yang Li |
author_facet | Jia Shi Xuewen Zeng Yang Li |
author_sort | Jia Shi |
collection | DOAJ |
description | Standalone Name Resolution (SNR) is an essential component of many Information-Centric Networking (ICN) infrastructures that maps and stores the mappings of IDs and locators. The delivery of data can be realized only when the name resolution process is completed correctly. It also makes the SNR become the key target of network attackers. In this paper, our research focuses on the more covert and complex Content Pollution Attack (CPA). By continuously sending invalid content to the network at a low speed, attackers will consume a lot of the resources and time of the SNR system, resulting in a serious increase in the resolution delay of normal users and further cache pollution in ICN. It is difficult to be quickly detected because the characteristics of attack are inconspicuous. To address the challenge, a register access control scheme for an SNR system based on a malicious user blacklist query is proposed. A neighbor voting algorithm is designed to discover possible attacks in the network quickly and build a blacklist of malicious users reasonably. Users on the blacklist will be restricted from accessing the ICN network during the registration phase with the resolution system. Incentives and punishments for network users are introduced to automate responses about the potential malicious behavior reports. Our scheme is more efficient as users do not have to wait for an additional system component to perform operations. In addition, our algorithm can better solve the collusion problem in the voting process when compared with the others. We experimentally evaluate our protocol to demonstrate that the probability of successful collusion attack can be reduced to less than 0.1 when the attacker ratio is 0.5. |
first_indexed | 2024-03-10T06:33:10Z |
format | Article |
id | doaj.art-d969972739b345e89a1efc28756047f3 |
institution | Directory Open Access Journal |
issn | 1999-5903 |
language | English |
last_indexed | 2024-03-10T06:33:10Z |
publishDate | 2021-10-01 |
publisher | MDPI AG |
record_format | Article |
series | Future Internet |
spelling | doaj.art-d969972739b345e89a1efc28756047f32023-11-22T18:19:54ZengMDPI AGFuture Internet1999-59032021-10-01131026210.3390/fi13100262A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User BlacklistJia Shi0Xuewen Zeng1Yang Li2National Network New Media Engineering Research Center, Institute of Acoustics, Chinese Academy of Sciences, No. 21, North Fourth Ring Road, Haidian District, Beijing 100190, ChinaNational Network New Media Engineering Research Center, Institute of Acoustics, Chinese Academy of Sciences, No. 21, North Fourth Ring Road, Haidian District, Beijing 100190, ChinaNational Network New Media Engineering Research Center, Institute of Acoustics, Chinese Academy of Sciences, No. 21, North Fourth Ring Road, Haidian District, Beijing 100190, ChinaStandalone Name Resolution (SNR) is an essential component of many Information-Centric Networking (ICN) infrastructures that maps and stores the mappings of IDs and locators. The delivery of data can be realized only when the name resolution process is completed correctly. It also makes the SNR become the key target of network attackers. In this paper, our research focuses on the more covert and complex Content Pollution Attack (CPA). By continuously sending invalid content to the network at a low speed, attackers will consume a lot of the resources and time of the SNR system, resulting in a serious increase in the resolution delay of normal users and further cache pollution in ICN. It is difficult to be quickly detected because the characteristics of attack are inconspicuous. To address the challenge, a register access control scheme for an SNR system based on a malicious user blacklist query is proposed. A neighbor voting algorithm is designed to discover possible attacks in the network quickly and build a blacklist of malicious users reasonably. Users on the blacklist will be restricted from accessing the ICN network during the registration phase with the resolution system. Incentives and punishments for network users are introduced to automate responses about the potential malicious behavior reports. Our scheme is more efficient as users do not have to wait for an additional system component to perform operations. In addition, our algorithm can better solve the collusion problem in the voting process when compared with the others. We experimentally evaluate our protocol to demonstrate that the probability of successful collusion attack can be reduced to less than 0.1 when the attacker ratio is 0.5.https://www.mdpi.com/1999-5903/13/10/262content pollution attacksself-certifying namingdecentralizationStandalone Name Resolution (SNR)voting mechanism |
spellingShingle | Jia Shi Xuewen Zeng Yang Li A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist Future Internet content pollution attacks self-certifying naming decentralization Standalone Name Resolution (SNR) voting mechanism |
title | A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist |
title_full | A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist |
title_fullStr | A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist |
title_full_unstemmed | A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist |
title_short | A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist |
title_sort | register access control scheme for snr system to counter cpa attack based on malicious user blacklist |
topic | content pollution attacks self-certifying naming decentralization Standalone Name Resolution (SNR) voting mechanism |
url | https://www.mdpi.com/1999-5903/13/10/262 |
work_keys_str_mv | AT jiashi aregisteraccesscontrolschemeforsnrsystemtocountercpaattackbasedonmalicioususerblacklist AT xuewenzeng aregisteraccesscontrolschemeforsnrsystemtocountercpaattackbasedonmalicioususerblacklist AT yangli aregisteraccesscontrolschemeforsnrsystemtocountercpaattackbasedonmalicioususerblacklist AT jiashi registeraccesscontrolschemeforsnrsystemtocountercpaattackbasedonmalicioususerblacklist AT xuewenzeng registeraccesscontrolschemeforsnrsystemtocountercpaattackbasedonmalicioususerblacklist AT yangli registeraccesscontrolschemeforsnrsystemtocountercpaattackbasedonmalicioususerblacklist |