Attack resilience of cache replacement policies

Tian Xie, Ting He, Patrick McDaniel, Namitha Nambiar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations


Caches are pervasively used in computer networks to speed up access by reusing previous communications, where various replacement policies are used to manage the cached contents. The replacement policy of a cache plays a key role in its performance, and is thus extensively engineered to achieve a high hit ratio in benign environments. However, some studies showed that a policy with a higher hit ratio in benign environments may be more vulnerable to denial of service (DoS) attacks that intentionally send requests for unpopular contents. To understand the cache performance under such attacks, we analyze a suite of representative replacement policies under the framework of TTL approximation in how well they preserve the hit ratios for legitimate users, while incorporating the delay for the cache to obtain a missing content. We further develop a scheme to adapt the cache replacement policy based on the perceived level of attack. Our analysis and validation on real traces show that although no single policy is resilient to all the attack strategies, suitably adapting the replacement policy can notably improve the attack resilience of the cache.

Original languageEnglish (US)
Title of host publicationINFOCOM 2021 - IEEE Conference on Computer Communications
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9780738112817
StatePublished - May 10 2021
Event40th IEEE Conference on Computer Communications, INFOCOM 2021 - Vancouver, Canada
Duration: May 10 2021May 13 2021

Publication series

NameProceedings - IEEE INFOCOM
ISSN (Print)0743-166X


Conference40th IEEE Conference on Computer Communications, INFOCOM 2021

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Electrical and Electronic Engineering


Dive into the research topics of 'Attack resilience of cache replacement policies'. Together they form a unique fingerprint.

Cite this