Many computer systems employ a caching mechanism in order to improve their performance, where copies of frequently accessed data are stored in a temporary storage area that provides rapid access, thereby reducing the access time and/or cost that would otherwise be involved in frequently retrieving the data from its original location. For example, computers acting as Hypertext Transfer Protocol (HTTP) proxies cache web pages in order to reduce network traffic and improve latency, while computers acting as Domain Name System (DNS) resolvers that map names of networked devices to their numeric Internet Protocol (IP) addresses cache device name-address mappings for the same reason.
Computers that employ caches are, however, vulnerable to a type of attack known as cache poisoning in which an attempt is made to introduce a counterfeit entry into the cache. For example, in DNS cache poisoning a cached mapping between a network device and its IP address is altered to indicate an IP address that is supplied by the attacker, which location often includes malicious content, such as a computer worm or a computer virus. A client that subsequently requests the address for the network device is then given the wrong address, potentially exposing the client to the malicious content. Unfortunately, where a computer maintains a cache that is shared by multiple clients, a single instance of cache poisoning may ensnare many victims.