Flexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetes
| dc.contributor.author | Koksal, Sarp | |
| dc.contributor.author | Catak, Ferhat Ozgur | |
| dc.contributor.author | Dalveren, Yaser | |
| dc.contributor.other | Department of Electrical & Electronics Engineering | |
| dc.date.accessioned | 2024-12-05T20:48:52Z | |
| dc.date.available | 2024-12-05T20:48:52Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | Mobile Edge Computing (MEC) has a significant potential to become more prevalent in Fifth Generation (5G) networks, requiring resource management that is lightweight, agile, and dynamic. Container-based virtualization platforms, such as Kubernetes, have emerged as key enablers for MEC environments. However, network security and data privacy remain significant concerns, particularly due to Distributed Denial-of-Service (DDoS) attacks that threaten the massive connectivity of end-devices. This study proposes a defense mechanism to mitigate DDoS attacks in container-based MEC networks using Kubernetes. The mechanism dynamically scales Containerized Network Functions (CNFs) with auto-scaling through an Intrusion Detection and Prevention System (IDPS). The architecture of the proposed mechanism leverages distributed edge clusters and Kubernetes to manage resources and balance the load of IDPS CNFs. Experiments conducted in a real MEC environment using OpenShift and Telco-grade MEC profiles demonstrate the effectiveness of the proposed mechanism against Domain Name System (DNS) flood and Yo-Yo attacks. Results also verify that Kubernetes efficiently meets the lightweight, agile, and dynamic resource management requirements of MEC networks. | en_US |
| dc.identifier.doi | 10.1109/ACCESS.2024.3501192 | |
| dc.identifier.issn | 2169-3536 | |
| dc.identifier.scopus | 2-s2.0-85210290226 | |
| dc.identifier.uri | https://doi.org/10.1109/ACCESS.2024.3501192 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14411/10283 | |
| dc.language.iso | en | en_US |
| dc.publisher | Ieee-inst Electrical Electronics Engineers inc | en_US |
| dc.rights | info:eu-repo/semantics/closedAccess | en_US |
| dc.subject | Servers | en_US |
| dc.subject | Denial-of-service attack | en_US |
| dc.subject | Cloud computing | en_US |
| dc.subject | Computer crime | en_US |
| dc.subject | Resource management | en_US |
| dc.subject | Prevention and mitigation | en_US |
| dc.subject | Dynamic scheduling | en_US |
| dc.subject | Quality of service | en_US |
| dc.subject | Image edge detection | en_US |
| dc.subject | Computer architecture | en_US |
| dc.subject | Containerized network functions (CNF) | en_US |
| dc.subject | distributed denial-of-service (DDoS) | en_US |
| dc.subject | flood | en_US |
| dc.subject | intrusion detection prevention system (IDPS) | en_US |
| dc.subject | Kubernetes | en_US |
| dc.subject | mobile edge computing (MEC) | en_US |
| dc.subject | Yo-Yo | en_US |
| dc.title | Flexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetes | en_US |
| dc.type | Article | en_US |
| dspace.entity.type | Publication | |
| gdc.author.institutional | Dalveren, Yaser | |
| gdc.author.scopusid | 57222958869 | |
| gdc.author.scopusid | 55625667200 | |
| gdc.author.scopusid | 51763497600 | |
| gdc.coar.access | metadata only access | |
| gdc.coar.type | text::journal::journal article | |
| gdc.description.department | Atılım University | en_US |
| gdc.description.departmenttemp | [Koksal, Sarp] Red Hat Inc, TR-34746 Istanbul, Turkiye; [Koksal, Sarp] Atilim Univ, Grad Sch Nat & Appl Sci, Dept Elect & Elect Engn, TR-06830 Ankara, Turkiye; [Catak, Ferhat Ozgur] Univ Stavanger, Dept Elect Engn & Comp Sci, N-4021 Rogaland, Norway; [Dalveren, Yaser] Izmir Bakircay Univ, Dept Elect & Elect Technol, TR-35665 Izmir, Turkiye | en_US |
| gdc.description.endpage | 172991 | en_US |
| gdc.description.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
| gdc.description.scopusquality | Q1 | |
| gdc.description.startpage | 172980 | en_US |
| gdc.description.volume | 12 | en_US |
| gdc.description.woscitationindex | Science Citation Index Expanded | |
| gdc.description.wosquality | Q2 | |
| gdc.identifier.wos | WOS:001362079800012 | |
| gdc.scopus.citedcount | 1 | |
| gdc.wos.citedcount | 1 | |
| relation.isAuthorOfPublication | 55e082ac-14c0-46a6-b8fa-50c5e40b59c8 | |
| relation.isAuthorOfPublication.latestForDiscovery | 55e082ac-14c0-46a6-b8fa-50c5e40b59c8 | |
| relation.isOrgUnitOfPublication | c3c9b34a-b165-4cd6-8959-dc25e91e206b | |
| relation.isOrgUnitOfPublication.latestForDiscovery | c3c9b34a-b165-4cd6-8959-dc25e91e206b |