Improved security solutions for DDoS mitigation in 5G Multi-access Edge Computing

Multi-access Edge Computing (MEC) is a 5G-enabling solution that aims to bring cloud-computing capabilities closer to the end-users. This paper focuses on mitigation techniques against Distributed Denial-of-Service (DDoS) attacks in the context of 5G MEC, providing solutions that involve the virtualized environment and the management entities from the MEC architecture. The proposed solutions aim to reduce the risk of affecting legitimate traffic in the context of DDoS attacks. Our work supports the idea of using a network flow collector that sends the data to an anomaly detection system based on artificial intelligence techniques and, as an improvement over the previous work, it contributes to redirecting detected anomalies for isolation to a separate virtual machine. This virtual machine uses deep packet inspection tools to analyze the traffic and provides services until the final verdict. We decrease the risk of compromising the virtual machine that provides services to legitimate users by isolating the suspicious traffic. The management entities of the MEC architecture allow to re-instantiate or reconfigure the virtual machines. Hence, if the machine inspecting the isolated traffic crashes because of an attack, the damaged machine can be restored while the services provided to legitimate users are not affected.