Filters

2021 - 20242
Reset filters

Settings

Author: Koksal, Sarp

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    Article
    Citation - WoS: 8
    Citation - Scopus: 15
    Distributed denial-of-service attack mitigation in network functions virtualization-based 5G networks using management and orchestration
    (Wiley, 2021) Koksal, Sarp; Dalveren, Yaser; Maiga, Bamoye; Kara, Ali
    The fifth generation (5G) technology is expected to allow connectivity to billions of devices, known as Internet of Things (IoT). However, IoT devices will inevitably be the main target of various cyberattack types. The most common one is known as distributed denial-of-service (DDoS) attack. In order to mitigate such attacks, network functions virtualization (NFV) has a great potential to provide the benefit of elasticity and low-cost solutions for protecting 5G networks. In this context, this study proposes a new mechanism developed to mitigate DDoS attacks in 5G NFV networks. The proposed mechanism utilizes intrusion prevention system's (IPS) virtual machines (VMs) to intercept the queries. Based on the volume of DDoS traffic, IPS's VMs are dynamically deployed by means of management and orchestration (MANO) in order to balance the load. To evaluate the effectiveness of the mechanism, experiments are conducted in a real 5G NFV environment built by using 5G NFV environment tools. To our best knowledge, this is the first time that NFV-based mechanism is experimentally tested in a real 5G NFV environment for mitigating DDoS attacks in 5G networks. The experimental results verify that the proposed mechanism can mitigate DDoS attacks effectively.
  • Thumbnail Image
    Article
    Citation - WoS: 7
    Citation - Scopus: 8
    Flexible and Lightweight Mitigation Framework for Distributed Denial-Of Attacks in Container-Based Edge Networks Using Kubernetes
    (Ieee-inst Electrical Electronics Engineers inc, 2024) Koksal, Sarp; Catak, Ferhat Ozgur; Dalveren, Yaser
    Mobile Edge Computing (MEC) has a significant potential to become more prevalent in Fifth Generation (5G) networks, requiring resource management that is lightweight, agile, and dynamic. Container-based virtualization platforms, such as Kubernetes, have emerged as key enablers for MEC environments. However, network security and data privacy remain significant concerns, particularly due to Distributed Denial-of-Service (DDoS) attacks that threaten the massive connectivity of end-devices. This study proposes a defense mechanism to mitigate DDoS attacks in container-based MEC networks using Kubernetes. The mechanism dynamically scales Containerized Network Functions (CNFs) with auto-scaling through an Intrusion Detection and Prevention System (IDPS). The architecture of the proposed mechanism leverages distributed edge clusters and Kubernetes to manage resources and balance the load of IDPS CNFs. Experiments conducted in a real MEC environment using OpenShift and Telco-grade MEC profiles demonstrate the effectiveness of the proposed mechanism against Domain Name System (DNS) flood and Yo-Yo attacks. Results also verify that Kubernetes efficiently meets the lightweight, agile, and dynamic resource management requirements of MEC networks.