A Cooperative Defense Framework against Application-level DDoS Attacks on Mobile Edge Computing Services

Hongjia Li, Chang Yang, Liming Wang, Nirwan Ansari, Ding Tang, Xueqing Huang, Zhen Xu, Dan Hu

Research output: Contribution to journalArticlepeer-review

Abstract

Mobile edge computing (MEC), extending computing services from cloud to edge, is recognized as one of key pillars to facilitate real-time services and tackle backhaul bottleneck. However, it is not economically efficient to attach intensive security appliances to every MEC node to defend application-level DDoS attacks and ensure the availability of services. Thus, we explore the elasticity of security defense among MEC nodes by proposing a COoperative DEfense (CODE) framework for MEC, referred to as CODE4MEC. CODE4MEC aims to adapt to traffic changes by coordinating container-carried defensive resources among cooperative MEC nodes in an automatic way. Towards this aim, we propose four control plane functions to enable a life-cycle management for CODE4MEC, namely, CODE triggering, scheduling, coordination and releasing. However, an effective CODE4MEC requires non-trivial algorithmic schemes, in particular for CODE scheduling and coordination functions. We thus design an online combinatorial auction mechanism for real-time CODE scheduling, and prove a tighter performance bound relative to prior arts. As for CODE coordination, a flow-based traffic and context information coordination scheme is proposed to enable classical defense schemes to work properly and efficiently. Finally, using a combination of real testbed and simulation evaluations, we validate the effectiveness of CODE4MEC.

Original languageEnglish (US)
JournalIEEE Transactions on Mobile Computing
DOIs
StateAccepted/In press - 2021

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Keywords

  • 5G mobile communication
  • Cloud computing
  • Collaboration
  • cooperative security
  • DDoS
  • Denial-of-service attack
  • Dynamic scheduling
  • Edge computing
  • Mobile edge computing
  • online scheduling
  • prototype
  • Security

Fingerprint

Dive into the research topics of 'A Cooperative Defense Framework against Application-level DDoS Attacks on Mobile Edge Computing Services'. Together they form a unique fingerprint.

Cite this