Haiyang Huang,Tianhui Meng,Jianxiong Guo,Xuekai Wei,Weijia Jia

DOI: https://doi.org/10.1145/3641106

2024-02-23

ACM Transactions on Sensor Networks

Abstract:Application-layer distributed denial-of-service (DDoS) attacks incapacitate systems by using up their resources, causing service interruptions, financial losses, and more. Consequently, advanced deep-learning techniques are used to detect and mitigate these attacks in cloud infrastructures. However, in mobile edge computing (MEC), it becomes economically impractical to equip each node with defensive resources, as these resources may largely remain unused in edge devices. Furthermore, current methods are mainly concentrated on improving the accuracy of DDoS attack detection and saving CPU resources, neglecting the effective allocation of computational power for benign tasks under DDoS attacks. To address these issues, this paper introduces SecEG, a secure and efficient strategy against DDoS attacks for MEC that integrates container-based task isolation with lightweight online anomaly detection on edge nodes. More specifically, a new model is proposed to analyze resource contention dynamics between DDoS attacks and benign tasks. Subsequently, by employing periodic packet sampling and real-time attack intensity predicting, an autoencoder-based method is proposed to detect DDoS attacks. We leverage an efficient scheduling method to optimize the edge resource allocation and the service quality for benign users during DDoS attacks. When executed in the real-world edge environment, our experimental findings validate the efficacy of the proposed SecEG strategy. Compared to conventional methods, the service rate of benign requests increases by 23% under intense DDoS attacks, and the CPU resource is saved up to 35%.

computer science, information systems,telecommunications

Zhengzhe Xiang,Yuhang Zheng,Zengwei Zheng,Shuiguang Deng,Minyi Guo,Schahram Dustdar

DOI: https://doi.org/10.1109/tnet.2023.3265002

2023-01-01

IEEE/ACM Transactions on Networking

Abstract:The multi-access edge computing (MEC) paradigm has emerged as a critical solution to address the exponential growth in mobile web services and devices. By implementing an edge-based service provisioning system (EPS) with servers located at the network’s edge, both transmission and computation efficiency can be significantly enhanced. Nevertheless, it is also essential to carefully consider the resource allocation for services, the traffic management of requests, and the path arrangement for data delivery to ensure the cost-effective operation of the EPS. Therefore, we investigate and quantify the relationship between the performance and cost of the EPS in this paper, and model the cost-effective service provisioning problem as a multi-phase convex optimization problem. An online algorithm whose name is RDC based on the Lyapunov framework is proposed to decompose this problem into several sub-problems.Additionally, a heuristic approach that partitions edge servers into several clusters, called RDC-NeP and based on RDC , has also been proposed to reduce computational complexity. A series of experiments were conducted to evaluate the proposed approach. The results demonstrate that RDC can effectively balance expense and performance, while RDC-NeP significantly simplifies the processing of RDC when the problem scale increases.

Shaohua Cao,Shu Chen,Hui Chen,Hanqing Zhang,Zijun Zhan,Weishan Zhang

DOI: https://doi.org/10.3390/electronics12030562

IF: 2.9

2023-01-22

Electronics

Abstract:With the growth of the Internet of Things, smart devices are subsequently generating a large number of computation-intensive and latency-sensitive tasks. Mobile edge computing can provide resources in close proximity, greatly reducing service latency and alleviating congestion in mobile core networks. Due to the instability of the mobile edge computing environment, it was difficult to guarantee the quality of service for users. To address this problem, a hybrid computation offloading framework based on Deep Deterministic Policy Gradient (DDPG) in IoT is proposed. The framework is a system consisting of edge servers and user devices. It is used to acquire the environment state through Software Defined Network technologies and generate the offloading strategy by Deep Deterministic Policy Gradient. The optimization objectives in this paper include the total system overhead of the mobile edge computing system, and considering both network load and computational load, an optimal offloading strategy can be obtained to enable users to obtain a better quality of service. Finally, the experimental results show that the algorithm outperforms the comparison algorithm and can reduce the system latency by 20%, while the network load and computational load are also more stable.

engineering, electrical & electronic,computer science, information systems,physics, applied

Chun-Yen Lee,Chia-Hung Lin,Zhan-Lun Chang,Chih-Yu Wang,Hung-Yu Wei

DOI: https://doi.org/10.1109/tsc.2024.3441313

IF: 11.019

2024-10-11

IEEE Transactions on Services Computing

Abstract:Distributed Denial-of-Service (DDoS) attack is critical to latency-critical systems such as Multi-Access Edge Computing (MEC) as it significantly increases the response delay of the victim service. An intrusion prevention system (IPS) is a promising solution to defend against such attacks. Still, there will be a trade-off between IPS deployment and application resource reservation as IPS deployment will reduce the computational resources for MEC applications. In this work, we propose a game-theoretic framework to study the joint computational resource allocation and IPS deployment in the MEC architecture. Given the expected attack strength and end-user demands, we study the pricing strategy of the MEC platform operator (MPO) and purchase strategy of the application service providers (ASPs). The best responses of both MPO and ASPs are derived theoretically. Based on the best responses, we propose an efficient algorithm to derive the Stackelberg equilibrium. The properties and optimality in the efficiency of the equilibrium are analyzed through simulations. The results confirm that the proposed solutions significantly increase the social welfare of the system.

computer science, information systems, software engineering

Getenet Tefera,Kun She,Min Chen,Awais Ahmed

DOI: https://doi.org/10.1049/iet-com.2020.0630

IF: 4.923

2021-01-01

Sustainable Computing Informatics and Systems

Abstract:Multi-access edge computing (MEC) has attracted much more attention to revolutionising smart communication technologies and Internet of Everything. Nowadays, smart end-user devices are designed to execute sophisticated applications that demand more resources and explosively connected to the global ecosystem. As a result, the backhaul network traffic congestion grows enormously and user quality of experience is compromised as well. To address these challenges, the authors proposed congestion-aware adaptive decentralised computing, caching, and communication framework which can orchestrate the dynamic network environment based on deep reinforcement learning for MEC networks. MEC is a paradigm shift that transforms cloud services and capabilities platform at the edge of ubiquitous radio access networks in close proximity to mobile subscribers. The framework can evolve to perform augmented decision-making capabilities for the upcoming network generation. Hence, the problem is formulated using non-cooperative game theory which is nondeterministic polynomial (NP) hard to solve and the authors show that the game admits a Nash equilibrium. In addition, they have constructed a decentralised adaptive scheduling algorithm to leverage the utility of each smart end-user device. Therefore, their methodical observations using theoretical analysis and simulation results substantiate that the proposed algorithm can achieve ultra-low latency, enhanced storage capability, low energy consumption, and scalable than the baseline scheme.

Mengru Wu,Kexin Li,Liping Qian,Yuan Wu,Inkyu Lee

DOI: https://doi.org/10.1109/lcomm.2023.3347218

IF: 3.5529

2024-02-14

IEEE Communications Letters

Abstract:Mobile edge computing (MEC) enables the caching of various services close to users, thereby reducing service delay for emerging applications. However, realizing efficient and secure computation offloading is challenging due to the limited storage capacity of MEC servers and the offloading security issue arising from the open nature of wireless channels. In this letter, we investigate a MEC network with an eavesdropper, where the MEC server caches service programs required for task execution. Moreover, we propose a cooperative jamming-assisted scheme to enhance the security of computation offloading, in which a friendly jammer actively transmits signals to disrupt eavesdropping. Considering the limited caching capacity of the MEC server and the security concerns of computation offloading, we formulate a delay minimization problem by jointly optimizing service caching placement, transmit power, and devices' computation offloading decisions. To tackle this problem, we develop an efficient layered algorithm using successive convex approximation and the cross entropy-based technique. Numerical results demonstrate the effectiveness of our proposed scheme in reducing the overall delay in completing devices' computation tasks compared to baseline schemes.

telecommunications

Penglin Dai,Kaiwen Hu,Xiao Wu,Huanlai Xing,Fei Teng,Zhaofei Yu

DOI: https://doi.org/10.1109/tits.2020.3017172

IF: 8.5

2022-02-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:Mobile edge computing (MEC) has been an effective paradigm for supporting computation-intensive applications by offloading resources at network edge. Especially in vehicular networks, the MEC server, is deployed as a small-scale computation server at the roadside and offloads computation-intensive task to its local server. However, due to the unique characteristics of vehicular networks, including high mobility of vehicles, dynamic distribution of vehicle densities and heterogeneous capacities of MEC servers, it is still challenging to implement efficient computation offloading mechanism in MEC-assisted vehicular networks. In this article, we investigate a novel scenario of computation offloading in MEC-assisted architecture, where task upload coordination between multiple vehicles, task migration between MEC/cloud servers and heterogeneous computation capabilities of MEC/cloud severs, are comprehensively investigated. On this basis, we formulate cooperative computation offloading (CCO) problem by modeling the procedure of task upload, migration and computation based on queuing theory, which aims at minimizing the delay of task completion. To tackle the CCO problem, we propose a probabilistic computation offloading (PCO) algorithm, which enables MEC server to independently make online scheduling based on the derived allocation probability. Specifically, the PCO transforms the objective function into augmented Lagrangian and achieves the optimal solution in an iterative way, based on a convex framework called Alternating Direction Method of Multipliers (ADMM). Last but not the least, we implement the simulation model. The comprehensive simulation results show the superiority of the proposed algorithm under a wide range of scenarios.

engineering, electrical & electronic,transportation science & technology, civil

Han Zhou,Kai Jiang,Shibo He,Geyong Min,Jie Wu

DOI: https://doi.org/10.1109/twc.2023.3272348

IF: 10.4

2023-01-01

IEEE Transactions on Wireless Communications

Abstract:Mobile edge computing (MEC) is becoming popular in many civilian applications. However, due to the broadcast nature of wireless connections, traditional MEC is open to eavesdropping attacks that endanger mobile users’ information confidentiality. Friendly jamming (FJ), as one of the physical layer security techniques, can efficiently protect users from such threats by degrading attackers’ wiretap channel capacities. In this paper, we propose an FJ-based physical layer security (PLS) mechanism to safeguard the confidentiality of data uploading in MEC services. We design a comprehensive security scheme that uses FJ from both base station (BS) and nearby mobile users to cover upload transmission. Accordingly, the eavesdropping risk zone (ERZ) is formulated as an area under high secrecy outage probability (SOP). To promote FJ from users, we further introduce Device-to-device (D2D) communication-based FJ, which is inspired by non-orthogonal multiple access (NOMA) techniques. Then, we formulate, simplify, and solve the problem by optimizing the MEC secrecy performance under the required risk, with efficiencies in data uploading, energy consumption, and incentive delivery. Furthermore, we tackle the challenge of efficient incentive design under information asymmetry by introducing Contract Theory and providing differentiated rewards. By simulations, we evaluate the mechanism in terms of secrecy performance and incentive efficiency under information asymmetry, and the results accordingly show the effectiveness of the proposed security mechanism.

telecommunications,engineering, electrical & electronic

Wei-Zhe Zhang,Ibrahim A. Elgendy,Mohamed Hammad,Abdullah M. Iliyasu,Xiaojiang Du,Mohsen Guizani,Ahmed A. Abd El-Latif

DOI: https://doi.org/10.1109/jiot.2020.3042433

IF: 10.6

2021-05-15

IEEE Internet of Things Journal

Abstract:Mobile-edge computing (MEC) has emerged as a new computing paradigm with great potential to alleviate resource limitations attributed to mobile device users (MDUs) by offloading intensive computations to ubiquitous MEC server. However, most of the current offloading policies allow MDUs to transmit their tasks to the same connected small base stations (sBSs), which invariably increases latency and limits performance gain due to overload. Moreover, the security issue mitigating sensitive communication of information is not adequately addressed. Therefore, in this study, in addition to proposing a joint load balancing and computation offloading (CO) technique for MEC systems, we introduce a new security layer to circumvent potential security issues. First, a load balancing algorithm for efficient redistribution of MDUs among sBSs is proposed. In addition, a new advanced encryption standard (AES) cryptographic technique suffused with electrocardiogram (ECG) signal-based encryption and decryption key is presented as a security layer to safeguard the vulnerability of data during the transmission. Furthermore, an integrated model of load balancing, CO and security is formulated as a problem whose goal is to decrease the time and energy demands of the system. Detailed experimental results prove that our model with and without the additional security layers can save about 68.2% and 72.4% of system consumption compared to the local execution.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jianbin Xue,Jia Yao,Jiahao Wang

DOI: https://doi.org/10.1016/j.adhoc.2024.103545

IF: 4.816

2024-05-10

Ad Hoc Networks

Abstract:With the development of sixth-generation (6G) wireless communication technology, billions of vehicles will access the network in the future, and the number of vehicle applications and user data will also increase dramatically. Traditional cloud computing faces serious problems of latency and energy consumption in handling massive data. Mobile edge computing (MEC) has emerged to dramatically improve computing efficiency and reduce energy consumption by placing computing servers at network edge locations close to vehicles. However, the service range of MEC servers is limited and cannot fully satisfy user requirements. In addition, the task offloading process has security risks. The current research focuses on how to reduce the energy consumption and latency overhead of task offloading and neglects the economic cost or data transmission security of vehicles. To solve the above problems, we propose a cooperative security offloading (CSO) scheme for auxiliary vehicles and MEC servers. Firstly, we propose a dynamic pricing mechanism for computing resources by considering the credibility of MEC servers and auxiliary vehicles, the urgency of the task, and the number of users competing for auxiliary vehicles. Secondly, to prevent malicious MEC servers and eavesdroppers from attacking, we employ homomorphic encryption to protect user privacy. Meanwhile, efficient and secure computing services are achieved by optimizing user selection decisions, offloading decisions, and resource allocation decisions. Finally, the optimal decisions are obtained by the dueling DQN-based resource allocation and pricing strategy (DDRP) and the cost-minimizing security offloading (CMSO) algorithm, which minimizes the economic cost of users while maximizing security. Simulation results show that, compared with some existing schemes, the CSO scheme effectively reduces the economic cost of users while ensuring the security of data transmission.

computer science, information systems,telecommunications

Tao Fang,Dan Wu,Jiaxin Chen,Dianxiong Liu

DOI: https://doi.org/10.1109/tccn.2022.3168694

IF: 6.359

2022-01-01

IEEE Transactions on Cognitive Communications and Networking

Abstract:In the mobile edge computing (MEC) networks, the heterogeneous demands can be met through device-to-device (D2D) technology due to the idle local resources from the neighbors. Although the overload of mobile edge computing servers can be relieved by sharing idle local resources among neighbors, the active impact of the cooperation in the close neighbors is ignored in the most existing works. In this paper, we study the mutual cooperation between the users with heterogeneous demands such as the computation tasks or the desired contents, and then propose an innovative D2D-assisted heterogeneous users cooperation framework where two users with different demands can share their idle local resources. The optimization is to minimize the aggregate delay of all users in MEC networks. First, the problem is formulated as a heterogeneous demands based matching game involving D2D matching and edge matching. Next, the multi-round cooperation matching (MRCM) algorithm is proposed to find the stable match of the proposed game. Finally, the simulation results present the validity and effectiveness of our proposed game as well as the proposed algorithm.

Yifan Xu,Jin Chen,Yuhua Xu,Fanglin Gu,Kailing Yao,Luliang Jia,Dianxiong Liu,Ximing Wang

DOI: https://doi.org/10.1109/tgcn.2021.3098681

2021-01-01

IEEE Transactions on Green Communications and Networking

Abstract:Multi-access edge computing (MEC) system is developing to take advantage of the adjacent computation devices to reach better performance for IoT networks, and has to fight against malicious jamming attacks and heavy co-channel interference. To address this issue, this paper investigates the energy-efficient MEC optimization problem in a jamming environment where the attack activities of the jammer are time-varying and a priori unknown, and tries to obtain the joint channel access, offloading ratio and power solutions for IoT device-MEC server pairs. To model the interactions between users and the malicious jammer, a joint channel access and data offloading anti-jamming game is formulated. Moreover, it is proved that the proposed game is an exact potential game (EPG), and there exist at least one pure Nash Equilibrium (NE). To obtain NEs in the dynamic jamming environment, a Multi-pattern Best Response based Channel access and Data offloading (MBRCD) algorithm is designed. Through the "game learning" structure, the global network energy consumption can be greatly reduced under the premise of completing computation tasks. Furthermore, simulations indicate that the proposed approach outperforms other comparative approaches, and is well-adapted to the dynamic jamming environment.

Feifei Zhang,Jidong Ge,Chifong Wong,Chuanyi Li,Xingguo Chen,Sheng Zhang,Bin Luo,He Zhang,Victor Chan

DOI: https://doi.org/10.1016/j.jpdc.2019.02.003

IF: 4.542

2019-01-01

Journal of Parallel and Distributed Computing

Abstract:Cloud of Things (CoT) is a significant paradigm for bridging cloud resource and mobile terminals. Mobile edge computing (MEC) is a supporting architecture for CoT. The objectives of this paper are to describe and evaluate a method to handle the computation offloading problem during user mobility which minimizes the offloading failure rate in heterogeneous network. Furthermore, users’ mobility and their choices for offloading lead to the everchanging condition of wireless network and opportunistic resource available. By modeling such dynamic mobile edge environment, quantizing the user cost, failure penalty and diversified QoS requirements, computation offloading problem is converted into an online decision-making problem in a stochastic process. We divide the decision-making into two phases: offloading planning phase and offloading running phase. In both phases the learning agent can continuously improve the control policy. We also conduct a failure recovery policy to tackle different types of failure and is included in the decision-making process. The numerical results show that the proposed online learning offloading method for mobile users can derive the optimal offloading scheme compared with the baseline algorithms.

Hongcheng Huang,Peixin Ye,Min Hu,Jun Wu

DOI: https://doi.org/10.1016/j.dcan.2022.04.008

IF: 6.348

2022-04-01

Digital Communications and Networks

Abstract:Nowadays, a large number of intelligent devices involved in the Industrial Internet of Things (IIoT) environment are posing unprecedented cybersecurity challenges. Due to the limited budget for security protection, the IIoT devices are vulnerable and easily compromised to launch Distributed Denial-of-Service (DDoS) attacks, resulting in disastrous results. Unfortunately, considering the particularity of the IIoT environment, most of the defense solutions in traditional networks cannot be directly applied to IIoT with acceptable security performance. Therefore, in this work, we propose a multi-point collaborative defense mechanism against DDoS attacks for IIoT. Specifically, for the single point DDoS defense, we design an edge-centric mechanism termed EdgeDefense for the detection, identification, classification, and mitigation of DDoS attacks and the generation of defense information. For the practical multi-point scenario, we propose a collaborative defense model against DDoS attacks to securely share the defense information across the network through the blockchain. Besides, a fast defense information sharing mechanism is designed to reduce the delay of defense information sharing and provide a responsive cybersecurity guarantee. The simulation results indicate that the identification and classification performance of the two machine learning models designed for EdgeDefense are better than those of the state-of-the-art baseline models, and therefore EdgeDefense can defend against DDoS attacks effectively. The results also verify that the proposed fast sharing mechanism can reduce the propagation delay of the defense information blocks effectively, thereby improving the responsiveness of the multi-point collaborative DDoS defense.

telecommunications

Xin Qi,Hongli Xu,Zhenguo Ma,Suo Chen

DOI: https://doi.org/10.1109/ccgrid51090.2021.00057

2021-01-01

Abstract:As some delay-sensitive mobile services such as augmented reality and autonomous driving proliferate, users' demand for low latency access to computation resources increases dramatically, and existing centralized cloud computing paradigm is difficult to solve the current dilemma. As a emerging computing paradigm in which computational capabilities are pushed from the central cloud to the network edges, Mobile Edge Computing (MEC) is expected to be an effective solution. However, due to the limited capacity (e.g. computation and bandwidth) of MEC nodes, it is not easy to maintain satisfactory quality of service for user applications. Most of the previous work is limited to reducing the processing delay by dynamically adjusting the task offloading strategy, while ignoring the key impact of access network selection on network congestion. To fill this gap, we study the joint optimization of network selection and task offloading in MEC networks with multidimensional resources constraints. To address a number of key challenges in MEC systems, including spatial demand coupling and decentralized coordination, we propose an efficient online algorithm and achieve provable close-to-optimal performance. Extensive simulation results are presented to verify the performance of our algorithm.

Joelle Kabdjou,Norihiko Shinomiya

DOI: https://doi.org/10.1109/access.2024.3361476

IF: 3.9

2024-02-20

IEEE Access

Abstract:Creating a cyber deception framework for 5G networks, particularly in IoT and cellular applications, is complex due to critical constraints in managing resources, meeting low latency demands, and addressing security concerns. While cloud computing aids in alleviating some limitations, it often falls short in meeting low-latency requirements. Multi-Access Edge Computing (MEC) has emerged as a solution by bringing resources closer to User Equipment (UEs) to reduce latency. Various MEC architectures have leveraged Software Defined Networking (SDN), Network Function Virtualization (NFV), Service Function Chaining (SFC), Network Slicing (NS), decision-making systems, and deception components. However, none have integrated these technologies comprehensively to achieve superior Quality of Service (QoS) and strengthen security. In this paper, we unify SDN, NFV, SFC, NS, decision-making technologies, and deception to efficiently manage MEC server resources and lure attackers. We utilize cyber deception metrics, including request collection rates over time and variations in request numbers concerning different botnet sizes. Moreover, we meticulously address QoS parameters such as latency, computing, storage, and bandwidth resources. Our approach initiates with a mathematical model for MEC server resource allocation, introducing a novel architecture that reduces bandwidth, computing, and storage resource usage. We introduce a cyber deception strategy utilizing uniform distribution and random selection to divert potential attackers. Simulations validate efficient resource management, notably reducing end-to-end latency for requests processed on the edge and in the cloud. This enhancement improves QoS within the MEC system and provides valuable insights for advancing decision-making technologies.

computer science, information systems,telecommunications,engineering, electrical & electronic

Rui Yin,Xiao Lu,Chao Chen,Xianfu Chen,Celimuge Wu

DOI: https://doi.org/10.1109/jiot.2023.3302805

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:This paper studies joint power, spectrum and computational resource allocation in mobile edge computing (MEC) systems. Considering that the licensed spectrum resources are not sufficient, the computing tasks can also be uploaded to the remote MEC server (MECS) via the unlicensed spectrum. To facilitate fair coexistence with Wi-Fi networks, we adopt the duty-cycle-muting mechanism with adaptive adjustment of the duty cycle on unlicensed channels. We propose a Stackelberg game formulation, where the aim is to minimize the long-term energy consumption of the non-cooperative user terminals (UEs) while guaranteeing the stability of task buffers. In the game, the MECS prices the licensed spectrum to indirectly adjust the proportion of bandwidth for each UE. In particular, we develop a distributed resource management algorithm, which enables the UEs to behave independently and adaptively. Theoretical analysis and simulations demonstrate the effectiveness of our proposed algorithm with respect to energy saving under constrained signaling overheads.

computer science, information systems,telecommunications,engineering, electrical & electronic

Lei Guo,Yiping Xing,Chunxiao Jiang,Lin Bai

DOI: https://doi.org/10.1109/IWCMC51323.2021.9498596

2021-01-01

Abstract:With the emergence of computationally intensive and delay sensitive applications, mobile edge computing(MEC) has become more and more popular. Simultaneously, MEC paradigm is faced with security challenges, the most harmful of which is DDoS attack. In this paper, we focus on the resource orchestration algorithm in MEC scenario to mitigate DDoS attack. Most of existing works on resource orchestration algorithm barely take into account DDoS attack. Moreover, they assume that MEC nodes are unselfish, while in practice MEC nodes are selfish and try to maximize their individual utility only, as they usually belong to different network operators. To solve such problems, we propose a price-based resource orchestration algorithm(PROA) using game theory and convex optimization, which aims at mitigating DDoS attack while maximizing the utility of each participant. Pricing resources to simulate market mechanisms, which is national to make rational decisions for all participants. Finally, we conduct experiment using Matlab and show that the proposed PROA can effectively mitigate DDoS attack on the attacked MEC node.

Marian Gusatu,Ruxandra F. Olimid

DOI: https://doi.org/10.48550/arXiv.2111.04801

2021-11-10

Abstract:Multi-access Edge Computing (MEC) is a 5G-enabling solution that aims to bring cloud-computing capabilities closer to the end-users. This paper focuses on mitigation techniques against Distributed Denial-of-Service (DDoS) attacks in the context of 5G MEC, providing solutions that involve the virtualized environment and the management entities from the MEC architecture. The proposed solutions aim to reduce the risk of affecting legitimate traffic in the context of DDoS attacks. Our work supports the idea of using a network flow collector that sends the data to an anomaly detection system based on artificial intelligence techniques and, as an improvement over the previous work, it contributes to redirecting detected anomalies for isolation to a separate virtual machine. This virtual machine uses deep packet inspection tools to analyze the traffic and provides services until the final verdict. We decrease the risk of compromising the virtual machine that provides services to legitimate users by isolating the suspicious traffic. The management entities of the MEC architecture allow to re-instantiate or reconfigure the virtual machines. Hence, if the machine inspecting the isolated traffic crashes because of an attack, the damaged machine can be restored while the services provided to legitimate users are not affected.

Cryptography and Security,Networking and Internet Architecture

Lunyuan Chen,Shunpu Tang,Venki Balasubramanian,Junjuan Xia,Fasheng Zhou,Lisheng Fan

DOI: https://doi.org/10.1016/j.comcom.2022.07.037

IF: 5.047

2022-10-01

Computer Communications

Abstract:This paper studies a secure mobile edge computing (MEC) for emerging cyber physical systems (CPS), where there exist K eavesdroppers in the network, which can threaten the task offloading. These K eavesdroppers can work either in a colluding mode where they cooperate to decode the secret message, or in a non-colluding mode where the eavesdroppers decode the message individually. For both eavesdropping nodes, we design the secure MEC system by devising a computation offloading ratio, transmit power and computational capability allocation to optimize the system performance mainly measured by the latency. In particular, a novel deep reinforcement learning (DRL) together with convex optimization (DRCO) is proposed, where the DRL is used to find a proper solution to the offloading ratio, while the convex optimization is implemented to solve the allocation of transmission power and computational capability. Simulation results show that the proposed DRCO method is superior to other conventional methods, and can provide a guaranteed secrecy and latency.

computer science, information systems,telecommunications,engineering, electrical & electronic