Abstract:In order to satisfy diverse quality-of-service (QoS) requirements of complex real-time video applications, civilian and tactical use cases are employing software-defined hybrid edge-cloud systems. One of the primary QoS requirements of such applications is ultra-low end-to-end latency for video applications that necessitates rapid frame transfer between end-devices and edge servers using software-defined networking (SDN). Failing to guarantee such strict requirements leads to quality degradation of video applications and subsequently mission failure. In this paper, we show how a collaborative group of attackers can exploit SDN's control communications to launch Denial of Quality of Service (DQoS) attack that artificially increases end-to-end latency of video frames and yet evades detection. In particular, we show how Deep Neural Network (DNN) model training on all or partial network state information can help predict network packet drop rates with reasonable accuracy. We also show how such predictions can help design an attack model that can inflict just the right amount of added latency to the end-to-end video processing that is enough to cause considerable QoS degradation but not too much to raise suspicion. We use a realistic edge-cloud testbed on GENI platform for training data collection and demonstration of high model accuracy and attack success rate.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is: How to design a covert Denial of Quality of Service (DQoS) attack through deep neural network (DNN) model training, so as to increase the end - to - end latency of real - time video applications in software - defined hybrid edge - cloud systems, thereby leading to a significant decline in Quality of Service (QoS) without being detected. ### Specific problem description: 1. **Background and requirements** - Modern complex real - time video applications (such as video processing, 3D reconstruction, AR/VR, etc.) have very strict requirements for low latency and high reliability. - Civilian and tactical scenarios are increasingly adopting software - defined hybrid edge - cloud systems to meet these requirements. - These systems rely on software - defined networking (SDN) to achieve rapid frame transmission and ensure ultra - low end - to - end latency. 2. **Core of the problem** - If strict QoS requirements cannot be guaranteed, it will lead to a decline in the quality of video applications and even task failures. - The paper proposes a covert DQoS attack method. By using the control communication mechanism of SDN, it artificially increases the end - to - end latency, making the video frame processing time exceed the QoS requirements of the application without causing suspicion in the system. 3. **Attack means** - The attacker predicts the network packet drop rate through the deep neural network (DNN) model and adjusts the attack intensity according to the prediction result. - By frequently triggering Table Miss, the transmission latency of video frames from terminal devices to edge servers is increased. - The key to the attack is to find an appropriate attack intensity that can significantly increase the latency without triggering the system's alarm. 4. **Experimental verification** - The paper uses the GENI platform to build a realistic edge - cloud testbed, collects training data and verifies the accuracy of the DNN model. - The experimental results show that this attack can increase the end - to - end latency by about 3 times without significantly increasing the packet drop rate. ### Summary: The main objective of the paper is to show how to use the DNN model to carry out a covert DQoS attack. By precisely controlling the attack intensity, it causes a significant decline in the QoS of real - time video applications without being detected by the system. This research reveals the potential threats to the security of software - defined hybrid edge - cloud systems.

DNN-based Denial of Quality of Service Attack on Software-defined Hybrid Edge-Cloud Systems

Achieving Real-Time Quality of Service with Software Defined Networking

TPDD: A Two-Phase DDoS Detection System in Software-Defined Networking

Intelligent DDoS Detection in Botnet Combined with Packet-Level Features under SDN

Effective DDoS Mitigation Via ML-Driven In-network Traffic Shaping

Efficient Distributed Denial-of-Service Attack Defense in SDN-Based Cloud

A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)

Q-MIND: Defeating Stealthy DoS Attacks in SDN with a Machine-learning based Defense Framework

On Denial of Service Attacks in Software Defined Networks

A Novel Supervised Deep Learning Solution to Detect Distributed Denial of Service (DDoS) attacks on Edge Systems using Convolutional Neural Networks (CNN)

Defending SDN against packet injection attacks using deep learning

Improved 5G network slicing for enhanced QoS against attack in SDN environment using deep learning

Cyber-Secure SDN: A CNN-Based Approach for Efficient Detection and Mitigation of DDoS attacks

Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment

DDoS Attack Detection and Classification Using Hybrid Model for Multicontroller SDN

EfficientNet-deep quantum neural network-based economic denial of sustainability attack detection to enhance network security in cloud

Performance and Features: Mitigating the Low-Rate TCP-Targeted DoS Attack via SDN

A Machine Learning Based Detection and Mitigation of the DDOS Attack by Using SDN Controller Framework

Network state Estimation using Raw Video Analysis: vQoS-GAN based non-intrusive Deep Learning Approach

Augmenting Speech Quality Estimation in Software-Defined Networking Using Machine Learning Algorithms

SDNShield: NFV-Based Defense Framework Against DDoS Attacks on SDN Control Plane.