A Cooperative Defense Framework against Application-level DDoS Attacks on Mobile Edge Computing Services

Abstract : Mobile edge computing (MEC), extending computing services from cloud to edge, is recognized as one of key pillars to facilitate real-time services and tackle backhaul bottleneck. However, it is not economically efficient to attach intensive security appliances to every MEC node to defend application-level DDoS attacks and ensure the availability of services. Thus, we explore the elasticity of security defense among MEC nodes by proposing a COoperative DEfense (CODE) framework for MEC, referred to as CODE4MEC. CODE4MEC aims to adapt to traffic changes by coordinating container-carried defensive resources among cooperative MEC nodes in an automatic way. Towards this aim, we propose four control plane functions to enable a life-cycle management for CODE4MEC, namely, CODE triggering, scheduling, coordination and releasing. However, an effective CODE4MEC requires non-trivial algorithmic schemes, in particular for CODE scheduling and coordination functions. We thus design an online combinatorial auction mechanism for real-time CODE scheduling, and prove a tighter performance bound relative to prior arts. As for CODE coordination, a flow-based traffic and context information coordination scheme is proposed to enable classical defense schemes to work properly and efficiently. Finally, using a combination of real testbed and simulation evaluations, we validate the effectiveness of CODE4MEC.
 EXISTING SYSTEM :
 ? It is necessary to have a holistic understanding about the application of new technologies in order to enhance the efficiency. ? The authors argue that the blockchain-based enhancement provides additional security to existing DDoS mitigation models. ? To the best of our knowledge, there does not exist a single survey discussing advancements specifically related to DDoS mitigation employing blockchain. ? Therefore, it is important to conduct a comprehensive survey about DDoS mitigation using blockchain technology. ? LSTM is used for DDoS detection utilizing blockchain for permission to edge devices to perform actions. IoT devices are relatively unsecure compared to traditional network nodes.
 DISADVANTAGE :
 ? Distributed denial of service (DDoS) attacks on the Internet have become an immediate problem. ? Most large web sites currently handle the problem by equipping critical systems with abundant resources. ? Besides, computing appropriate filtering tables based on existing inter domain routing protocol is a non-trivial problem. ? Trust is an important issue in this system, more so in the absence of a centralized trusted authority to provide digital certificates. ? Another issue that must be addressed is how to protect the communications of the detection nodes when the links are completely saturated during a DDoS attack.
 PROPOSED SYSTEM :
 • Researchers investigate the effect of environment tampering on the perception layer and propose an Ethereum-based framework deploying smart contracts and edge computing, which validates the incoming data. • Cochain-SC proposes network schemes governed by blockchain using SDN and smart contracts for DDoS mitigation at an inter and intra domain level. • The proposed model analyzes the network traffic on edge devices connected via blockchain. • Compared to other similar systems, researchers propose to store only hash values in the smart contract, which is transparent in nature.
 ADVANTAGE :
 ? In our approach, there are two factors which will affect the system performance: the overhead of the information sharing mechanism, and the delay for the decision making. ? To improve the defence efficiency and accuracy, we propose a dynamic defence infrastructure composed of a diverse collection of independent defence nodes located in the intermediate network of the Internet. ? The focus of this research is to develop methods to efficiently share the information provided by existing DDoS attack detection systems to improve the accuracy of defence rather than to improve upon current available DDoS detection methods. ? We vary the parameters of the gossip mechanism to investigate the relationship between the overhead of information sharing and defence efficiency.

We have more than 145000 Documents , PPT and Research Papers

Have a question ?

Mail us : info@nibode.com