A Cooperative Defense Framework Against Application-Level DDoS Attacks on Mobile Edge Computing Services

Document Type

Article

Publication Date

1-1-2023

Abstract

Mobile edge computing (MEC), extending computing services from cloud to edge, is recognized as one of key pillars to facilitate real-time services and tackle backhaul bottleneck. However, it is not economically efficient to attach intensive security appliances to every MEC node to defend application-level DDoS attacks and ensure the availability of services. Thus, we explore the elasticity of security defense among MEC nodes by proposing a COoperative DEfense (CODE) framework for MEC, referred to as CODE4MEC. CODE4MEC aims to adapt to traffic changes by coordinating container-carried defensive resources among cooperative MEC nodes in an automatic way. Towards this aim, we propose four control plane functions to enable a life-cycle management for CODE4MEC, namely, CODE triggering, scheduling, coordination and releasing. However, an effective CODE4MEC requires non-trivial algorithmic schemes, in particular for CODE scheduling and coordination functions. We thus design an online combinatorial auction mechanism for real-time CODE scheduling, and prove a tighter performance bound relative to prior arts. As for CODE coordination, a flow-based traffic and context information coordination scheme is proposed to enable classical defense schemes to work properly and efficiently. Finally, using a combination of real testbed and simulation evaluations, we validate the effectiveness of CODE4MEC.

Identifier

85107346949 (Scopus)

Publication Title

IEEE Transactions on Mobile Computing

External Full Text Location

https://doi.org/10.1109/TMC.2021.3086219

e-ISSN

15580660

ISSN

15361233

First Page

1

Last Page

18

Issue

1

Volume

22

Grant

61302108

Fund Ref

National Natural Science Foundation of China

This document is currently not available here.

Share

COinS