摘要
缓存隐私泄露是内容中心网络中的重要安全威胁之一,攻击者通过探测缓存可以获取合法用户的隐私信息。针对该安全问题,在隐私与非隐私内容区分的基础上,提出一种基于最近访问信息与回退机制的缓存隐私保护策略(CPPS-RVI&ECP),并与现有典型防御策略-随机k延迟(RFKD)对比,围绕隐私泄露率与网络命中率开展理论性能分析。该策略通过设置隐私标识,实现最近访问者的识别;通过随机缓存位置存入以及移出回退机制,降低了隐私泄露概率,且提升了网络性能。设定实验条件进行数值分析,结果表明,虽然RFKD有理想的隐私保护能力,但是它是以完全牺牲缓存的内容分发能力为代价的,而CPPS-RVI&ECP则通过合理设置回退概率,可以在保持较低隐私泄露率的同时,获得较高的网络命中率。
Cache privacy leak was one of the important security threats of CCN, the adversary could obtain the legitimate user's privacy information through probing cache visiting time. Aiming at this security problem, the privacy and non-privacy contents were dealt separately, then a cache privacy protection strategy based on recent visiting information and evicted copy up(CPPS-RVIECP) was proposed. In order to compare with the current typical defense strategy-random first k delay(RFKD), the theoretical analysis of privacy leak probability and network hit probability are further given. The CPPS-RVIECP identifies the recent visitor by setting privacy mark in interest packet, decreases the privacy leak probability by selecting replacing position randomly, and promotes the network performance by the mechanism of shifting evicted copy upstream. The numeric analysis results under the prescribed experimental conditions show that, whereas the ideal privacy protection ability of RFKD is obtained at the expense of sacrifice of cache contents delivery capability, the proposed CPPS-RVIECP can obtain low privacy leak probability and in the meantime maintain high network hit probability by setting reasonable upstream shifting probability.
出处
《通信学报》
EI
CSCD
北大核心
2015年第12期139-150,共12页
Journal on Communications
基金
江苏省科技支撑计划(工业)基金资助项目(BE2013019)~~
关键词
内容中心网络
缓存隐私探测
隐私保护策略
隐私泄露率
网络命中率
content centric networking
cache privacy probe
privacy protection strategy
privacy leak probability
network hit probability