Flexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetes

Simple item page
dc.authorscopusid 57222958869
dc.authorscopusid 55625667200
dc.authorscopusid 51763497600
dc.contributor.author Koksal, Sarp
dc.contributor.author Catak, Ferhat Ozgur
dc.contributor.author Dalveren, Yaser
dc.date.accessioned 2024-12-05T20:48:52Z
dc.date.available 2024-12-05T20:48:52Z
dc.date.issued 2024
dc.department Atılım University en_US
dc.department-temp [Koksal, Sarp] Red Hat Inc, TR-34746 Istanbul, Turkiye; [Koksal, Sarp] Atilim Univ, Grad Sch Nat & Appl Sci, Dept Elect & Elect Engn, TR-06830 Ankara, Turkiye; [Catak, Ferhat Ozgur] Univ Stavanger, Dept Elect Engn & Comp Sci, N-4021 Rogaland, Norway; [Dalveren, Yaser] Izmir Bakircay Univ, Dept Elect & Elect Technol, TR-35665 Izmir, Turkiye en_US
dc.description.abstract Mobile Edge Computing (MEC) has a significant potential to become more prevalent in Fifth Generation (5G) networks, requiring resource management that is lightweight, agile, and dynamic. Container-based virtualization platforms, such as Kubernetes, have emerged as key enablers for MEC environments. However, network security and data privacy remain significant concerns, particularly due to Distributed Denial-of-Service (DDoS) attacks that threaten the massive connectivity of end-devices. This study proposes a defense mechanism to mitigate DDoS attacks in container-based MEC networks using Kubernetes. The mechanism dynamically scales Containerized Network Functions (CNFs) with auto-scaling through an Intrusion Detection and Prevention System (IDPS). The architecture of the proposed mechanism leverages distributed edge clusters and Kubernetes to manage resources and balance the load of IDPS CNFs. Experiments conducted in a real MEC environment using OpenShift and Telco-grade MEC profiles demonstrate the effectiveness of the proposed mechanism against Domain Name System (DNS) flood and Yo-Yo attacks. Results also verify that Kubernetes efficiently meets the lightweight, agile, and dynamic resource management requirements of MEC networks. en_US
dc.description.woscitationindex Science Citation Index Expanded
dc.identifier.citationcount 0
dc.identifier.doi 10.1109/ACCESS.2024.3501192
dc.identifier.endpage 172991 en_US
dc.identifier.issn 2169-3536
dc.identifier.scopus 2-s2.0-85210290226
dc.identifier.scopusquality Q1
dc.identifier.startpage 172980 en_US
dc.identifier.uri https://doi.org/10.1109/ACCESS.2024.3501192
dc.identifier.uri https://hdl.handle.net/20.500.14411/10283
dc.identifier.volume 12 en_US
dc.identifier.wos WOS:001362079800012
dc.identifier.wosquality Q2
dc.language.iso en en_US
dc.publisher Ieee-inst Electrical Electronics Engineers inc en_US
dc.relation.publicationcategory Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı en_US
dc.rights info:eu-repo/semantics/closedAccess en_US
dc.scopus.citedbyCount 1
dc.subject Servers en_US
dc.subject Denial-of-service attack en_US
dc.subject Cloud computing en_US
dc.subject Computer crime en_US
dc.subject Resource management en_US
dc.subject Prevention and mitigation en_US
dc.subject Dynamic scheduling en_US
dc.subject Quality of service en_US
dc.subject Image edge detection en_US
dc.subject Computer architecture en_US
dc.subject Containerized network functions (CNF) en_US
dc.subject distributed denial-of-service (DDoS) en_US
dc.subject flood en_US
dc.subject intrusion detection prevention system (IDPS) en_US
dc.subject Kubernetes en_US
dc.subject mobile edge computing (MEC) en_US
dc.subject Yo-Yo en_US
dc.title Flexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetes en_US
dc.type Article en_US
dc.wos.citedbyCount 1
dspace.entity.type Publication

Files

Collections

WoS
Scopus