研究生: |
Adhyatma Abbas Adhyatma Abbas |
---|---|
論文名稱: |
Denial of Service Detection and Mitigation in Multi-Access Edge Computing in Software Defined Network by Decision Tree Learning Approach Denial of Service Detection and Mitigation in Multi-Access Edge Computing in Software Defined Network by Decision Tree Learning Approach |
指導教授: |
呂政修
Jenq-Shiou Leu |
口試委員: |
易志偉
Chih-Wei Yi 陳省隆 Hsing-Lung Chen 陳維美 Wei-Mei Chen 鄭瑞光 Ray-Guang Cheng |
學位類別: |
碩士 Master |
系所名稱: |
電資學院 - 電子工程系 Department of Electronic and Computer Engineering |
論文出版年: | 2019 |
畢業學年度: | 107 |
語文別: | 英文 |
論文頁數: | 49 |
中文關鍵詞: | 5G networks 、MEC 、DoS 、SDN 、Supervised Learning |
外文關鍵詞: | 5G networks, MEC, DoS, SDN, Supervised Learning |
相關次數: | 點閱:249 下載:0 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
5G is a standard that proposed to overcome the limitations of the 4G network. Massive broadband and very low latency are expected to be achieved on the 5G network. Cloud computing is one of the critical technologies to enable 5G to handle enormous broadband. However, the cloud server is usually placed far away from the user so that delay, congestion, or the other issues may occur. To solve this problem, Multi-access Edge Computing (MEC) is a cloud computing paradigm that brings computing, storage, and network resources adjacent to the users. Supporting a massive number of devices connected in 5G also opens an excellent opportunity for attacks such as Denial of Service (DoS). DoS remains an issue in term of performance improvement. In this paper, we intend to introduce a new system that leveraging the MEC function and integrate it with Software
Defined Network (SDN) and supervised decision tree learning approaches which are C5.0, Bagging-CART (B-CART), and Random Forest (RF).
Our simulation lab collects data which consist of three types of DoS attacks:
ICMP echo flood, TCP Xmas flood, and UDP flood attack. Evaluation conducted based on the collected information shows that the selected decision tree learning approaches perform better than the other machine learning methods in terms of accuracy and processing time. It indicates that the proposed supervised learning is suitable for DoS detection system. Finally, the overall result shows that the proposed scheme can enable the intrusion detection function in MEC 5G to detect and mitigate the DoS attack effectively.
5G is a standard that proposed to overcome the limitations of the 4G network. Massive broadband and very low latency are expected to be achieved on the 5G network. Cloud computing is one of the critical technologies to enable 5G to handle enormous broadband. However, the cloud server is usually placed far away from the user so that delay, congestion, or the other issues may occur. To solve this problem, Multi-access Edge Computing (MEC) is a cloud computing paradigm that brings computing, storage, and network resources adjacent to the users. Supporting a massive number of devices connected in 5G also opens an excellent opportunity for attacks such as Denial of Service (DoS). DoS remains an issue in term of performance improvement. In this paper, we intend to introduce a new system that leveraging the MEC function and integrate it with Software
Defined Network (SDN) and supervised decision tree learning approaches which are C5.0, Bagging-CART (B-CART), and Random Forest (RF).
Our simulation lab collects data which consist of three types of DoS attacks:
ICMP echo flood, TCP Xmas flood, and UDP flood attack. Evaluation conducted based on the collected information shows that the selected decision tree learning approaches perform better than the other machine learning methods in terms of accuracy and processing time. It indicates that the proposed supervised learning is suitable for DoS detection system. Finally, the overall result shows that the proposed scheme can enable the intrusion detection function in MEC 5G to detect and mitigate the DoS attack effectively.
[1] D. Chemodanov, F. Esposito, P. Calyam, and A. Sukhov, “A Constrained Shortest Path Scheme for Virtual Network Service Management,” IEEE Transactions on Network and Service Management, pp. 1–1, 2018.
[2] L. Lozano, A. L. Medaglia, "On an exact method for the constrained shortest path problem", Comput. Oper. Res., vol. 40, no. 1, pp. 378-384, 2013.
[3] M. Alizadeh et al., "CONGA: Distributed congestion-aware load balancing for datacenters", ACM SIGCOMM Comput. Commun. Rev., vol. 44, no. 4, pp. 503-514, 2
[4] “Cisco Visual Networking Index: Forecast and Trends, 2017–2022,” Cisco, 27-Nov-2018. [Online]. Available: https://www.cisco.com/c/en/us/solutions/collateral/serviceprovider/visual-networking-index-vni/white-paper-c11-741490.html. [Accessed: 09-Jan-2019].
[5] T. X. Tran, A. Hajisami, P. Pandey, and D. Pompili, “Collaborative Mobile Edge Computing in 5G Networks: New Paradigms, Scenarios, and Challenges,” IEEE Communications Magazine, vol. 55, no. 4, pp. 54–61, 2017.
[6] S. Dahmen-Lhuissier, “Multi-access Edge Computing,” ETSI. [Online]. Available: https://www.etsi.org/technologies/multi-access-edge-computing. [Accessed: 24-Apr-2019].
[7] L. V. Ma, V. Q. Nguyen, J. Park, and J. Kim, “NFV-Based Mobile Edge Computing for Lowering Latency of 4K Video Streaming,” 2018 Tenth International Conference on Ubiquitous and Future Networks (ICUFN), 2018.
[8] A. Mehrabi, M. Siekkinen, and A. Yla-Jaaski, “QoE-Traffic Optimization Through Collaborative Edge Caching in Adaptive Mobile Video Streaming,” IEEE Access, vol. 6, pp. 52261–52276, 2018.
[9] J. Nightingale, P. Salva-Garcia, J. M. A. Calero, and Q. Wang, “5G-QoE: QoE Modelling for Ultra-HD Video Streaming in 5G Networks,” IEEE Transactions on Broadcasting, vol. 64, no. 2, pp. 621–634, 2018.
[10] S.-R. Yang, Y.-J. Tseng, C.-C. Huang, and W.-C. Lin, “Multi-Access Edge Computing Enhanced Video Streaming: Proof-of-Concept Implementation and Prediction/QoE Models,” IEEE Transactions on Vehicular Technology, vol. 68, no. 2, pp. 1888–1902, 2019.
[11] L.-V. Le, B.-S. P. Lin, L.-P. Tung, and D. Sinh, “SDN/NFV, Machine Learning, and Big Data Driven Network Slicing for 5G,” 2018 IEEE 5G World Forum (5GWF), 2018.
[12] W. Pak, “Fast packet classification for V2X services in 5G networks,” Journal of Communications and Networks, vol. 19, no. 3, pp. 218–226, 2017.
[13] Sufian Hameed and H. A. Khan, “SDN Based Collaborative Scheme for Mitigation of DoS Attacks,” Future Internet, vol. 10, no. 3, p. 23, Feb. 2018.
[14] R. Doshi, N. Apthorpe, and N. Feamster, “Machine Learning DoS Detection for Consumer Internet of Things Devices,” 2018 IEEE Security and Privacy Workshops (SPW), 2018.
[15] C. Li, Y. Wu, X. Yuan, Z. Sun, W. Wang, X. Li, and L. Gong, “Detection and defense of DoS attack-based on deep learning in Openflow-based SDN,” International Journal of Communication Systems, vol. 31, no. 5, 2018.
[16] J. Li, Z. Zhao, and R. Li, “Machine learning-based IDS for software-defined 5G network,” IET Networks, vol. 7, no. 2, pp. 53–60, 2018.
[17] A. Huang, N. Nikaein, "Demo: LL-MEC A SDN-based MEC Platform", MobiCom ‘17, Snowbird, UT, USA, 2017
[18] T. Bujlow, T. Riaz, and J. M. Pedersen, “A method for classification of network traffic based on C5.0 Machine Learning Algorithm,” 2012 International Conference on Computing, Networking and Communications (ICNC), 2012.
[19] A. Jenefa and M. B. Moses, “An Upgraded C5.0 Algorithm for Network Application Identification,” 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI), 2018.
[20] R. Yang and A. Zuo, “Identifying the Credit Level of a Company with Bagging-CART Integrated Algorithm,” 2014 Seventh International Symposium on Computational Intelligence and Design, 2014.
[21] J. Ma, Y. Qiao, G. Hu, Y. Huang, A. K. Sangaiah, C. Zhang, Y. Wang, and R. Zhang, “De-Anonymizing Social Networks With Random Forest Classifier,” IEEE Access, vol. 6, pp. 10139–10150, 2018.
[22] “Sampling rates,” sFlow. [Online]. Available: https://blog.sflow.com/2009/06/sampling-rates.html. [Accessed: 12-Apr-2019]
[23] P. Phaal, S. Panchen, and N. Mckee, “InMon Corporations sFlow: A Method for Monitoring Traffic in Switched and Routed Networks,” 2001.
[24] JJ Allaire and François Chollet (2018). keras: R Interface to 'Keras'. R package version 2.2.4. https://CRAN.R-project.org/package=keras
[25] Venables, W. N. & Ripley, B. D. (2002) Modern Applied Statistics with S. Fourth Edition. Springer, New York. ISBN 0-387-95457-0
[26] Brandon Greenwell, Bradley Boehmke, Jay Cunningham and GBM Developers (2019). gbm: Generalized Boosted Regression Models. R package version 2.1.5. https://CRAN.R-project.org/package=gbm
[27] David Meyer, Evgenia Dimitriadou, Kurt Hornik, Andreas Weingessel and Friedrich Leisch (2019). e1071: Misc Functions of the Department of Statistics, Probability Theory Group (Formerly: E1071), TU Wien. R package version 1.7-1. https://CRAN.R-project.org/package=e1071
[28] Alexandros Karatzoglou, Alex Smola, Kurt Hornik, Achim Zeileis (2004). kernlab - An S4 Package for Kernel Methods in R. Journal of Statistical Software 11(9), 1-20. URL http://www.jstatsoft.org/v11/i09/
[29] Max Kuhn and Ross Quinlan (2018). C50: C5.0 Decision Trees and Rule-Based Models. R package version 0.1.2. https://CRAN.R-project.org/package=C50
[30] Andrea Peters and Torsten Hothorn (2018). ipred: Improved Predictors. R package version 0.9-8. https://CRAN.R-project.org/package=ipred
[31] A. Liaw and M. Wiener (2002). Classification and Regression by randomForest. R News 2(3), 18--22.