Flexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetes

Simple item page
dc.authorscopusid57222958869
dc.authorscopusid55625667200
dc.authorscopusid51763497600
dc.contributor.authorKoksal, Sarp
dc.contributor.authorCatak, Ferhat Ozgur
dc.contributor.authorDalveren, Yaser
dc.date.accessioned2024-12-05T20:48:52Z
dc.date.available2024-12-05T20:48:52Z
dc.date.issued2024
dc.departmentAtılım Universityen_US
dc.department-temp[Koksal, Sarp] Red Hat Inc, TR-34746 Istanbul, Turkiye; [Koksal, Sarp] Atilim Univ, Grad Sch Nat & Appl Sci, Dept Elect & Elect Engn, TR-06830 Ankara, Turkiye; [Catak, Ferhat Ozgur] Univ Stavanger, Dept Elect Engn & Comp Sci, N-4021 Rogaland, Norway; [Dalveren, Yaser] Izmir Bakircay Univ, Dept Elect & Elect Technol, TR-35665 Izmir, Turkiyeen_US
dc.description.abstractMobile Edge Computing (MEC) has a significant potential to become more prevalent in Fifth Generation (5G) networks, requiring resource management that is lightweight, agile, and dynamic. Container-based virtualization platforms, such as Kubernetes, have emerged as key enablers for MEC environments. However, network security and data privacy remain significant concerns, particularly due to Distributed Denial-of-Service (DDoS) attacks that threaten the massive connectivity of end-devices. This study proposes a defense mechanism to mitigate DDoS attacks in container-based MEC networks using Kubernetes. The mechanism dynamically scales Containerized Network Functions (CNFs) with auto-scaling through an Intrusion Detection and Prevention System (IDPS). The architecture of the proposed mechanism leverages distributed edge clusters and Kubernetes to manage resources and balance the load of IDPS CNFs. Experiments conducted in a real MEC environment using OpenShift and Telco-grade MEC profiles demonstrate the effectiveness of the proposed mechanism against Domain Name System (DNS) flood and Yo-Yo attacks. Results also verify that Kubernetes efficiently meets the lightweight, agile, and dynamic resource management requirements of MEC networks.en_US
dc.description.woscitationindexScience Citation Index Expanded
dc.identifier.citationcount0
dc.identifier.doi10.1109/ACCESS.2024.3501192
dc.identifier.endpage172991en_US
dc.identifier.issn2169-3536
dc.identifier.scopus2-s2.0-85210290226
dc.identifier.scopusqualityQ1
dc.identifier.startpage172980en_US
dc.identifier.urihttps://doi.org/10.1109/ACCESS.2024.3501192
dc.identifier.urihttps://hdl.handle.net/20.500.14411/10283
dc.identifier.volume12en_US
dc.identifier.wosWOS:001362079800012
dc.identifier.wosqualityQ2
dc.language.isoenen_US
dc.publisherIeee-inst Electrical Electronics Engineers incen_US
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.rightsinfo:eu-repo/semantics/closedAccessen_US
dc.scopus.citedbyCount0
dc.subjectServersen_US
dc.subjectDenial-of-service attacken_US
dc.subjectCloud computingen_US
dc.subjectComputer crimeen_US
dc.subjectResource managementen_US
dc.subjectPrevention and mitigationen_US
dc.subjectDynamic schedulingen_US
dc.subjectQuality of serviceen_US
dc.subjectImage edge detectionen_US
dc.subjectComputer architectureen_US
dc.subjectContainerized network functions (CNF)en_US
dc.subjectdistributed denial-of-service (DDoS)en_US
dc.subjectflooden_US
dc.subjectintrusion detection prevention system (IDPS)en_US
dc.subjectKubernetesen_US
dc.subjectmobile edge computing (MEC)en_US
dc.subjectYo-Yoen_US
dc.titleFlexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetesen_US
dc.typeArticleen_US
dc.wos.citedbyCount0
dspace.entity.typePublication

Files

Collections

WOS
Scopus