More Web Proxy on the site http://driver.im/

research-article

Check before storing: what is the performance price of content integrity verification in LRU caching?

Authors:

Giuseppe Bianchi,

Alberto Caponi,

Nicola Blefari MelazziAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 43, Issue 3

Pages 59 - 67

https://doi.org/10.1145/2500098.2500106

Published: 01 July 2013 Publication History

Abstract

In some network and application scenarios, it is useful to cache content in network nodes on the fly, at line rate. Resilience of in-network caches can be improved by guaranteeing that all content therein stored is valid. Digital signatures could be indeed used to verify content integrity and provenance. However, their operation may be much slower than the line rate, thus limiting caching of cryptographically verified objects to a small subset of the forwarded ones. How this affects caching performance? To answer such a question, we devise a simple analytical approach which permits to assess performance of an LRU caching strategy storing a randomly sampled subset of requests. A key feature of our model is the ability to handle traffic beyond the traditional Independent Reference Model, thus permitting us to understand how performance vary in different temporal locality conditions. Results, also verified on real world traces, show that content integrity verification does not necessarily bring about a performance penalty; rather, in some specific (but practical) conditions, performance may even improve.

References

[1]

Standards for efficient cryptography group (SECG), SEC4 Elliptic Curve Qu-Vanstone implicit Certificate Scheme (ECQV). v1.0, January 2013.

[2]

B. Ahlgren, C. Dannewitz, C. Imbrenda, D. Kutscher, and B. Ohlman. A survey of Information-Centric Networking. IEEE Commun. Mag., 50(7):26--36, July 2012.

[3]

M. Ahmed, S. Traverso, P. Giaccone, E. Leonardi, and S. Niccolini. Analyzing the Performance of LRU Caches under Non-Stationary Traffic Patterns. ArXiv, abs/1301.4909, 2013.

[4]

P. Barford and M. Crovella. Generating representative web workloads for network and server performance evaluation. In SIGMETRICS, 1998.

Digital Library

[5]

M. Baugher, B. Davie, A. Narayanan, and D. Oran. Self-verifying names for read-only named data. 1st IEEE INFOCOM Nomen Workshop, 2012.

[6]

L. Breslau, P. Cao, L. Fan, G. Phillips, and S. Shenker. Web caching and zipf-like distributions: Evidence and implications. In IEEE INFOCOM, pages 126--134, 1999.

[7]

Y. Chabchoub, C. Fricker, F. Guillemin, and P. Robert. Deterministic versus probabilistic packet sampling in the internet. In 20th international teletraffic conference, ITC20, pages 678--689, 2007.

Digital Library

[8]

W. K. Chai, D. He, I. Psaras, and G. Pavlou. Cache "less for more" in information-centric networks. In 11th IFIP TC6 conf. on Networking, pages 27--40, 2012.

Digital Library

[9]

H. Che, Y. Tung, and Z. Wang. Hierarchical Web caching systems: modeling, design and experimental results. IEEE J. on Sel. Areas in Commun., 20(7):1305--1314, Sept. 2002.

Digital Library

[10]

E. G. Coffman, Jr. and P. J. Denning. Operating Systems Theory. Prentice Hall Professional Technical Reference, 1973.

Digital Library

[11]

A. Dan and D. F. Towsley. An Approximate Analysis of the LRU and FIFO Buffer Replacement Schemes. In ACM SIGMETRICS, pages 143--152, 1990.

Digital Library

[12]

L. Deng, Y. Gao, Y. Chen, and A. Kuzmanovic. Pollution attacks and defenses for internet caching systems. Comput. Netw., 52(5), Apr. 2008.

Digital Library

[13]

ETSI. Network functions virtualisation - white paper. portal.etsi.org/NFV/NFV\_White\_Paper.pdf oct. 2012.

[14]

R. Fonseca, V. Almeida, M. Crovella, and B. Abrahao. On the intrinsic locality properties of web reference streams. In IEEE INFOCOM, 2003.

[15]

R. C. Fonseca, V. A. F. Almeida, and M. Crovella. Locality in a web of streams. Commun. ACM, 48(1):82--88, 2005.

Digital Library

[16]

C. Fricker, P. Robert, and J. Roberts. A versatile and accurate approximation for LRU cache performance. In 24th international teletraffic conference, ITC24, pages 1--8, 2012.

Digital Library

[17]

D. Galindo and F. Garcia. A Schnorr-like lightweight Identity-Based Signature scheme. AFRICACRYPT 2009, LNCS 5580, pages 135--148, 2009.

Digital Library

[18]

P. Gasti, G. Tsudik, E. Uzun, and L. Zhang. DoS and DDoS in Named-Data Networking. ArXiv, abs/1208.0952, 2012.

[19]

A. Ghodsi, T. Koponen, J. Rajahalme, P. Sarolahti, and S. Shenker. Naming in content-oriented architectures. In 1st ACM SIGCOMM ICN workshop, 2011.

Digital Library

[20]

A. Ghodsi, S. Shenker, T. Koponen, A. Singla, B. Raghavan, and J. Wilcox. Information-Centric Networking: seeing the forest for the trees. In 10th ACM SIGCOMM HotNets, 2011.

Digital Library

[21]

V. Jacobson, D. Smetters, J. Thornton, M. Plass, N. Briggs, and R. Braynard. Networking Named Content. In 5th ACM CoNext, 2009.

Digital Library

[22]

P. R. Jelenković and A. Radovanović. Optimizing LRU Caching for Variable Document Sizes. Comb. Probab. Comput., 13(4-5):627--643, 2004.

Digital Library

[23]

T. Koponen, M. Chawla, B.-G. Chun, A. Ermolinskiy, K. H. Kim, S. Shenker, and I. Stoica. A data-oriented (and beyond) network architecture. SIGCOMM Comput. Commun. Rev., 37(4):181--192, 2007.

Digital Library

[24]

M. E. Kounavis, X. Kang, K. Grewal, M. Eszenyi, S. Gueron, and D. Durham. Encrypting the internet. ACM SIGCOMM Computer Commun. Review, 40(4):135--146, 2010.

Digital Library

[25]

N. Laoutaris, H. Che, and I. Stavrakakis. The LCD interconnection of LRU caches and its analysis. Perf. Eval., 63(7):609--634, 2006.

Digital Library

[26]

T. Lauinger, N. Laoutaris, P. Rodriguez, T. Strufe, E. Biersack, and E. Kirda. Privacy risks in named data networking: what is the cost of performance? SIGCOMM Comput. Commun. Rev., 42(5):54--57, Sept. 2012.

Digital Library

[27]

E. J. O'Neil, P. E. O'Neil, and G. Weikum. The LRU-K page replacement algorithm for database disk buffering. In ACM SIGMOD, pages 297--306, 1993.

Digital Library

[28]

G. Pallis and A. Vakali. Insight and perspectives for Content Delivery Networks. Commun. ACM, 49(1):101--106, Jan. 2006.

Digital Library

[29]

I. Psaras, W. K. Chai, and G. Pavlou. Probabilistic in-network caching for information-centric networks. In 2nd SIGCOMM ICN workshop, pages 55--60, 2012.

Digital Library

[30]

S. Salsano, A. Detti, M. Cancellieri, M. Pomposini, and N. Blefari-Melazzi. Transport-layer issues in Information Centric Networks. In 2nd ACM SIGCOMM ICN workshop, 2012.

Digital Library

[31]

D. Starobinski and D. Tse. Probabilistic methods for web caching. Perf. Eval., 46(2--3):125--137, 2001.

Digital Library

[32]

M. Wählisch, T. C. Schmidt, and M. Vahlenkamp. Backscatter from the data plane -- threats to stability and security in information-centric networking. ArXiv abs/1205.4778, 2012.

[33]

M. Xie, I. Widjaja, and H. Wang. Enhancing cache robustness for content-centric networking. In IEEE INFOCOM, pages 2426--2434, march 2012.

[34]

X. Zhang, K. Chang, H. Xiong, Y. Wen, G. Shi, and G. Wang. Towards name-based trust and security for content-centric network. IEEE ICNP, 2011.

Digital Library

Cited By

Han JXue KLi JZhang JHuang ZWei D(2024)Enabling In-Network Caching in Traditional IP Networks: Selective Router Upgrades and Cooperative Cache StrategiesIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.330519511:1(696-709)Online publication date: Jan-2024
https://doi.org/10.1109/TNSE.2023.3305195
Ullah SHussain SAli IKhattak HMastorakis S(2024)Mitigating content poisoning attacks in named data networking: a survey of recent solutions, limitations, challenges and future research directionsArtificial Intelligence Review10.1007/s10462-024-10994-x58:2Online publication date: 20-Dec-2024
https://doi.org/10.1007/s10462-024-10994-x
V. Vijaya Karthik SArputha Vijaya Selvi J(2023)NDN Content Poisoning Mitigation Using Bird Swarm Optimization and Trust ValueIntelligent Automation & Soft Computing10.32604/iasc.2023.02540436:1(833-847)Online publication date: 2023
https://doi.org/10.32604/iasc.2023.025404
Show More Cited By

Index Terms

Check before storing: what is the performance price of content integrity verification in LRU caching?
1. Computing methodologies
  1. Modeling and simulation
    1. Model development and analysis
      1. Modeling methodologies
2. Networks
  1. Network architectures

Recommendations

Criticality aware tiered cache hierarchy: a fundamental relook at multi-level cache hierarchies
ISCA '18: Proceedings of the 45th Annual International Symposium on Computer Architecture

On-die caches are a popular method to help hide the main memory latency. However, it is difficult to build large caches without substantially increasing their access latency, which in turn hurts performance. To overcome this difficulty, on-die caches ...
Modeling LRU cache with invalidation

Least Recently Used (LRU) is a very popular caching replacement policy. It is very easy to implement and offers good performance, especially when data requests are temporally correlated, as in the case of web traffic.When the data content can change ...
Protecting access privacy of cached contents in information centric networks
CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

In information centric network (ICN), contents are fetched by their names from caches deployed in the network or from origin servers. Once the contents are fetched from the origin server, it is replicated and cached in all routers along the routing and ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 43, Issue 3

July 2013

104 pages

ISSN:0146-4833

DOI:10.1145/2500098

Issue’s Table of Contents

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 2013

Published in SIGCOMM-CCR Volume 43, Issue 3

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

79
Total Citations
View Citations
383
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)0

Reflects downloads up to 31 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Han JXue KLi JZhang JHuang ZWei D(2024)Enabling In-Network Caching in Traditional IP Networks: Selective Router Upgrades and Cooperative Cache StrategiesIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.330519511:1(696-709)Online publication date: Jan-2024
https://doi.org/10.1109/TNSE.2023.3305195
Ullah SHussain SAli IKhattak HMastorakis S(2024)Mitigating content poisoning attacks in named data networking: a survey of recent solutions, limitations, challenges and future research directionsArtificial Intelligence Review10.1007/s10462-024-10994-x58:2Online publication date: 20-Dec-2024
https://doi.org/10.1007/s10462-024-10994-x
V. Vijaya Karthik SArputha Vijaya Selvi J(2023)NDN Content Poisoning Mitigation Using Bird Swarm Optimization and Trust ValueIntelligent Automation & Soft Computing10.32604/iasc.2023.02540436:1(833-847)Online publication date: 2023
https://doi.org/10.32604/iasc.2023.025404
Carlsson NEager D(2023)Optimized Dynamic Cache Instantiation and Accurate LRU Approximations Under Time-Varying Request VolumeIEEE Transactions on Cloud Computing10.1109/TCC.2021.311595911:1(779-797)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TCC.2021.3115959
Shah MLeau YAnbar MBin-Salem A(2023)Security and Integrity Attacks in Named Data Networking: A SurveyIEEE Access10.1109/ACCESS.2023.323873211(7984-8004)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3238732
Xue KYang JXia QWei DLi JSun QLu J(2022)CSEVP: A Collaborative, Secure, and Efficient Content Validation Protection Framework for Information Centric NetworkingIEEE Transactions on Network and Service Management10.1109/TNSM.2021.313654719:2(1761-1775)Online publication date: 1-Jun-2022
https://dl.acm.org/doi/10.1109/TNSM.2021.3136547
Xie TNambiar NHe TMcDaniel P(2022)Attack Resilience of Cache Replacement Policies: A Study Based on TTL ApproximationIEEE/ACM Transactions on Networking10.1109/TNET.2022.317172030:6(2433-2447)Online publication date: 27-May-2022
https://dl.acm.org/doi/10.1109/TNET.2022.3171720
Wang SNing Z(2022)Collaborative Caching Strategy in Content-Centric NetworkingAdvances in Computing, Informatics, Networking and Cybersecurity10.1007/978-3-030-87049-2_16(465-511)Online publication date: 3-Mar-2022
https://doi.org/10.1007/978-3-030-87049-2_16
Li YIoannidis S(2021)Cache Networks of Counting QueuesIEEE/ACM Transactions on Networking10.1109/TNET.2021.310251829:6(2751-2764)Online publication date: Dec-2021
https://doi.org/10.1109/TNET.2021.3102518
Pedersen Ji Amat AGoseling JBrannstrom FAndriyanova IRosnes E(2021)Dynamic Coded Caching in Wireless NetworksIEEE Transactions on Communications10.1109/TCOMM.2020.304762169:4(2138-2147)Online publication date: Apr-2021
https://doi.org/10.1109/TCOMM.2020.3047621
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents