SecEG: A Secure and Efficient Strategy against DDoS Attacks in Mobile Edge Computing

IF 3.9 4区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS ACM Transactions on Sensor Networks Pub Date : 2024-01-23 DOI:10.1145/3641106
Haiyang Huang, Tianhui Meng, Jianxiong Guo, Xuekai Wei, Weijia Jia
{"title":"SecEG: A Secure and Efficient Strategy against DDoS Attacks in Mobile Edge Computing","authors":"Haiyang Huang, Tianhui Meng, Jianxiong Guo, Xuekai Wei, Weijia Jia","doi":"10.1145/3641106","DOIUrl":null,"url":null,"abstract":"<p>Application-layer distributed denial-of-service (DDoS) attacks incapacitate systems by using up their resources, causing service interruptions, financial losses, and more. Consequently, advanced deep-learning techniques are used to detect and mitigate these attacks in cloud infrastructures. However, in mobile edge computing (MEC), it becomes economically impractical to equip each node with defensive resources, as these resources may largely remain unused in edge devices. Furthermore, current methods are mainly concentrated on improving the accuracy of DDoS attack detection and saving CPU resources, neglecting the effective allocation of computational power for benign tasks under DDoS attacks. To address these issues, this paper introduces SecEG, a secure and efficient strategy against DDoS attacks for MEC that integrates container-based task isolation with lightweight online anomaly detection on edge nodes. More specifically, a new model is proposed to analyze resource contention dynamics between DDoS attacks and benign tasks. Subsequently, by employing periodic packet sampling and real-time attack intensity predicting, an autoencoder-based method is proposed to detect DDoS attacks. We leverage an efficient scheduling method to optimize the edge resource allocation and the service quality for benign users during DDoS attacks. When executed in the real-world edge environment, our experimental findings validate the efficacy of the proposed SecEG strategy. Compared to conventional methods, the service rate of benign requests increases by 23% under intense DDoS attacks, and the CPU resource is saved up to 35%.</p>","PeriodicalId":50910,"journal":{"name":"ACM Transactions on Sensor Networks","volume":"10 1","pages":""},"PeriodicalIF":3.9000,"publicationDate":"2024-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Sensor Networks","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3641106","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Application-layer distributed denial-of-service (DDoS) attacks incapacitate systems by using up their resources, causing service interruptions, financial losses, and more. Consequently, advanced deep-learning techniques are used to detect and mitigate these attacks in cloud infrastructures. However, in mobile edge computing (MEC), it becomes economically impractical to equip each node with defensive resources, as these resources may largely remain unused in edge devices. Furthermore, current methods are mainly concentrated on improving the accuracy of DDoS attack detection and saving CPU resources, neglecting the effective allocation of computational power for benign tasks under DDoS attacks. To address these issues, this paper introduces SecEG, a secure and efficient strategy against DDoS attacks for MEC that integrates container-based task isolation with lightweight online anomaly detection on edge nodes. More specifically, a new model is proposed to analyze resource contention dynamics between DDoS attacks and benign tasks. Subsequently, by employing periodic packet sampling and real-time attack intensity predicting, an autoencoder-based method is proposed to detect DDoS attacks. We leverage an efficient scheduling method to optimize the edge resource allocation and the service quality for benign users during DDoS attacks. When executed in the real-world edge environment, our experimental findings validate the efficacy of the proposed SecEG strategy. Compared to conventional methods, the service rate of benign requests increases by 23% under intense DDoS attacks, and the CPU resource is saved up to 35%.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
SecEG:针对移动边缘计算中 DDoS 攻击的安全高效策略
应用层分布式拒绝服务(DDoS)攻击会占用系统资源,导致系统瘫痪,造成服务中断、经济损失等。因此,先进的深度学习技术被用于检测和缓解云基础设施中的这些攻击。然而,在移动边缘计算(MEC)中,为每个节点配备防御资源在经济上并不现实,因为这些资源在边缘设备中可能大部分都未被使用。此外,目前的方法主要集中在提高 DDoS 攻击检测的准确性和节省 CPU 资源上,忽视了在 DDoS 攻击下为良性任务有效分配计算能力。为了解决这些问题,本文介绍了 SecEG,一种针对 MEC 的安全高效的 DDoS 攻击策略,它将基于容器的任务隔离与边缘节点上的轻量级在线异常检测集成在一起。更具体地说,本文提出了一个新模型来分析 DDoS 攻击与良性任务之间的资源争用动态。随后,通过采用周期性数据包采样和实时攻击强度预测,提出了一种基于自动编码器的方法来检测 DDoS 攻击。在 DDoS 攻击期间,我们利用高效的调度方法来优化边缘资源分配和良性用户的服务质量。在真实世界的边缘环境中,我们的实验结果验证了所提出的 SecEG 策略的有效性。与传统方法相比,在激烈的 DDoS 攻击下,良性请求的服务率提高了 23%,CPU 资源节省达 35%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
ACM Transactions on Sensor Networks
ACM Transactions on Sensor Networks 工程技术-电信学
CiteScore
5.90
自引率
7.30%
发文量
131
审稿时长
6 months
期刊介绍: ACM Transactions on Sensor Networks (TOSN) is a central publication by the ACM in the interdisciplinary area of sensor networks spanning a broad discipline from signal processing, networking and protocols, embedded systems, information management, to distributed algorithms. It covers research contributions that introduce new concepts, techniques, analyses, or architectures, as well as applied contributions that report on development of new tools and systems or experiences and experiments with high-impact, innovative applications. The Transactions places special attention on contributions to systemic approaches to sensor networks as well as fundamental contributions.
期刊最新文献
Fair and Robust Federated Learning via Decentralized and Adaptive Aggregation based on Blockchain PnA: Robust Aggregation Against Poisoning Attacks to Federated Learning for Edge Intelligence HCCNet: Hybrid Coupled Cooperative Network for Robust Indoor Localization HDM-GNN: A Heterogeneous Dynamic Multi-view Graph Neural Network for Crime Prediction A DRL-based Partial Charging Algorithm for Wireless Rechargeable Sensor Networks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1