Multi-access Edge Computing (MEC) is a 5G-enabling solution that aims to bring cloud-computing capabilities closer to the end-users. This paper focuses on mitigation techniques against Distributed Denial-of-Service (DDoS) attacks in the context of 5G MEC, providing solutions that involve the virtualized environment and the management entities from the MEC architecture. The proposed solutions aim to reduce the risk of affecting legitimate traffic in the context of DDoS attacks. Our work supports the idea of using a network flow collector that sends the data to an anomaly detection system based on artificial intelligence techniques and, as an improvement over the previous work, it contributes to redirecting detected anomalies for isolation to a separate virtual machine. This virtual machine uses deep packet inspection tools to analyze the traffic and provides services until the final verdict. We decrease the risk of compromising the virtual machine that provides services to legitimate users by isolating the suspicious traffic. The management entities of the MEC architecture allow to re-instantiate or reconfigure the virtual machines. Hence, if the machine inspecting the isolated traffic crashes because of an attack, the damaged machine can be restored while the services provided to legitimate users are not affected.
翻译:多存取率电子计算(MEC)是一个5G增强功能的解决方案,旨在将云计算能力更接近终端用户,本文侧重于在5GMEC背景下防止分散拒绝服务攻击的缓解技术,提供涉及虚拟环境和来自MEC架构的管理实体的解决办法。拟议解决方案旨在减少在DDoS袭击中影响合法交通的风险。我们的工作支持使用网络流收集器,将数据发送到以人工智能技术为基础的异常检测系统,作为对先前工作的改进,它有助于将检测到的异常现象转移到单独的虚拟机器上。这台虚拟机器使用深包检查工具分析交通情况,并在作出最后裁决之前提供服务。我们减少通过隔离可疑交通而损害向合法用户提供服务的虚拟机器的风险。MEC架构的管理机构允许对虚拟机器进行再加密或重新配置。因此,如果机器检查孤立的交通崩溃是因为袭击而导致的,受损机器可以恢复到合法的用户的服务。