Internet cache pollution attacks and countermeasures

Yan Gao*, Leiwen Deng, Aleksandar Kuzmanovic, Yan Chen

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Scopus citations

Abstract

Proxy caching servers are widely deployed in today's Internet. While cooperation among proxy caches can significantly improve a network's resilience to denial-of-service (DoS) attacks, lack of cooperation can transform such servers into viable DoS targets. In this paper, we investigate a class of pollution attacks that aim to degrade a proxy's caching capabilities, either by ruining the cache file locality, or by inducing false file locality. Using simulations, we propose and evaluate the effects of pollution attacks both in web and peer-to-peer (p2p) scenarios, and reveal dramatic variability in resilience to pollution among several cache replacement policies. We develop efficient methods to detect both false-locality and locality-disruption attacks, as well as a combination of the two. To achieve high scalability for a large number of clients/requests without sacrificing the detection accuracy, we leverage streaming computation techniques, i.e., bloom filters. Evaluation results from large-scale simulations show that these mechanisms are effective and efficient in detecting and mitigating such attacks. Furthermore, a Squid-based implementation demonstrates that our protection mechanism forces the attacker to launch extremely large distributed attacks in order to succeed.

Original languageEnglish (US)
Title of host publicationProceedings - 14th IEEE International Conference on Network Protocols, ICNP 2006
Pages54-64
Number of pages11
DOIs
StatePublished - 2006
Event14th IEEE International Conference on Network Protocols, ICNP 2006 - Santa Barbara, CA, United States
Duration: Nov 12 2006Nov 15 2006

Publication series

NameProceedings - International Conference on Network Protocols, ICNP
ISSN (Print)1092-1648

Other

Other14th IEEE International Conference on Network Protocols, ICNP 2006
CountryUnited States
CitySanta Barbara, CA
Period11/12/0611/15/06

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint Dive into the research topics of 'Internet cache pollution attacks and countermeasures'. Together they form a unique fingerprint.

Cite this