TCA1C DDoS Detection Model for Edge Computing

doi:10.19678/j.issn.1000-3428.0067572

Abstract

Abstract:

Edge computing compensates for the traditional cloud computing data transmission overhead. However, limited storage and computing resources in the edge network restrict its ability to deploy complex security algorithms, making it more vulnerable to Distributed Denial of Service(DDoS) attacks. This paper proposes a task classification-based Attention-1D-CNN detection model, TCA1C, aimed at solving problems in current edge networks, such as low performance in detecting DDoS, lack of a task classification mechanism, and weak ability to deal with multi-attribute traffic.First, the model classifies the traffic in the communication link according to different offloading tasks such that the overall offloading security is not affected when some tasks are attacked, and the attribute values of the traffic under the same task are extracted and normalized.Next, the model inputs the processed data into an Attention-1D-CNN. Channel and spatial attention determine the contribution of data features for classification and eliminate redundant information below the feature threshold, thereby reducing the complexity of the model learning process and allowing the model to converge quickly. The simulation results show that the accuracy of the TCA1C model in DDoS detection is as high as 99.73%, and the performance of the TCA1C model is better than those of the DT, ELM, LSTM, and CNN, with reduced detection time. When different offloading tasks face certain attack probabilities, traffic classification can effectively reduce the mutual influence of different tasks such that the computing tasks of the terminal equipment can maintain a high level of security during offloading.

Key words: edge computing, Distributed Denial of Service(DDoS) attack detection, task classification, attention mechanism, 1D-CNN module

摘要：

边缘计算弥补了传统云计算数据传输开销大的不足，但边缘网络中存储和计算资源受限的特殊性限制了其部署复杂安全算法的能力，更易受到分布式拒绝服务（DDoS）攻击。针对目前边缘网络中DDoS攻击检测方法性能不高、未对卸载任务分类处理、对多属性的流量处理能力弱的问题，提出一种基于任务分类的Attention-1D-CNN DDoS检测模型TCA1C，对通信链路中的流量按不同的卸载任务进行分类，使单个任务受到攻击时不会影响整个链路中计算任务卸载的安全性，再对同一任务下的流量提取属性值并进行归一化处理。处理后的数据输入到Attention-1D-CNN，通道Attention和空间Attention学习数据特征对DDoS检测的贡献度，利用筛选函数剔除低于特征阈值的冗余信息，降低模型学习过程的复杂度，使模型快速收敛。仿真结果表明：TCA1C模型在缩短DDoS检测所用时间的情况下，检测准确率高达99.73%，检测性能优于DT、ELM、LSTM和CNN；当多个卸载任务在面临特定攻击概率时，卸载任务分类能有效降低不同任务的相互影响，使终端设备的计算任务在卸载过程中保持较高的安全性。

关键词: 边缘计算, 分布式拒绝服务攻击检测, 任务分类, 注意力机制, 1D-CNN模块

Xiuyu SHEN, Weifeng JI, Yingqi LI, Xuan WU. TCA1C DDoS Detection Model for Edge Computing[J]. Computer Engineering, 2024, 50(1): 198-205.

申秀雨, 姬伟峰, 李映岐, 吴玄. 面向边缘计算的TCA1C DDoS检测模型[J]. 计算机工程, 2024, 50(1): 198-205.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0067572

http://www.ecice06.com/EN/Y2024/V50/I1/198

Figures/Tables 13

Fig.1 TCA1C model architecture

Fig.2 Offloading task classification process

Fig.3 Procedure of Attention-1D-CNN module

Fig.4 CA mechanism

Fig.5 SA mechanism

Fig.6 Convergence of accuracy for five models

Fig.7 Average time consuming per step of five models

Fig.8 Performance comparison of five models

Fig.9 Computing task security unloading probability

References 27

1	施巍松, 张星洲, 王一帆, 等. 边缘计算: 现状与展望. 计算机研究与发展, 2019, 56(1): 69- 89.
	SHI W S, ZHANG X Z, WANG Y F, et al. Edge computing: state-of-the-art and future directions. Journal of Computer Research and Development, 2019, 56(1): 69- 89.
2	XU W, TAO Y D, GUAN X. The landscape of Industrial Control Systems(ICS) devices on the Internet[C]//Proceedings of International Conference on Cyber Situational Awareness, Data Analytics and Assessment. Washington D. C., USA: IEEE Press, 2018: 1-8.
3	AWS Shield. Threat landscape report-Q1 2020[EB/OL]. [2023-05-06]. https://aws-shield-tlr.s2.amazonaws.com/2020-Q1_AWS_Shield_TLR.pdf.
4	CHOUHAN S. Energy optimal partial computation offloading framework for mobile devices in multi-access edge computing[C]//Proceedings of International Conference on Software, Telecommunications and Computer Networks. Washington D. C., USA: IEEE Press, 2019: 1-6.
5	王婷婷, 甘臣权, 张祖凡. 面向工业物联网的移动边缘计算研究综述. 计算机应用与软件, 2023, 40(1): 1-10, 65.
	WANG T T, GAN C Q, ZHANG Z F. Review on mobile edge computing for industrial Internet of Things. Computer Applications and Software, 2023, 40(1): 1-10, 65.
6	KAO Y H, KRISHNAMACHARI B, RA M R, et al. Hermes: latency optimal task assignment for resource-constrained mobile computing[C]//Proceedings of IEEE Conference on Computer Communications. Washington D. C., USA: IEEE Press, 2015: 1894-1902.
7	YOU C S, HUANG K B, CHAE H, et al. Energy-efficient resource allocation for mobile-edge computation offloading. IEEE Transactions on Wireless Communications, 2017, 16(3): 1397- 1411. doi: 10.1109/TWC.2016.2633522
8	战俊伟, 庄毅. 基于能耗与延迟优化的移动边缘计算任务卸载模型及算法. 计算机与现代化, 2022,(8): 86- 93.
	ZHAN J W, ZHUANG Y. Mobile edge computing task offloading model and algorithm based on energy consumption and delay optimization. Computer and Modernization, 2022,(8): 86- 93.
9	陈璐, 汤红波, 游伟, 等. 移动边缘计算安全防御研究. 网络与信息安全学报, 2021, 7(1): 130- 142.
	CHEN L, TANG H B, YOU W, et al. Research on security defense of mobile edge computing. Chinese Journal of Network and Information Security, 2021, 7(1): 130- 142.
10	宋宇波, 金星妤, 燕锋, 等. 车联网中移动边缘计算的安全高效节能卸载策略. 清华大学学报(自然科学版), 2021, 61(11): 1246- 1253.
	SONG Y B, JIN X Y, YAN F, et al. Secure and energy efficient offloading of mobile edge computing in the Internet of vehicles. Journal of Tsinghua University(Science and Technology), 2021, 61(11): 1246- 1253.
11	HUANG Z Y, XIA G M, WANG Z H, et al. Survey on edge computing security[C]//Proceedings of International Conference on Big Data, Artificial Intelligence and Internet of Things Engineering. Washington D. C., USA: IEEE Press, 2020: 96-105.
12	张晓东, 张朝昆, 赵继军. 边缘智能研究进展. 计算机研究与发展, 2023, 60(12): 2749-2764, 2769.
	ZHANG X D, ZHANG C K, ZHAO J J. Research progress of edge intelligence. Computer Research and Development, 2023, 60(12): 2749-2764, 2769.
13	ALZAHRANI R J, ALZAHRANI A. Security analysis of DDoS attacks using machine learning algorithms in networks traffic. Electronics, 2021, 10(23): 2919. doi: 10.3390/electronics10232919
14	董瑞洪, 闫厚华, 张秋余, 等. 基于深度森林算法的分布式WSN入侵检测模型. 兰州理工大学学报, 2020, 46(4): 103- 109.
	DONG R H, YAN H H, ZHANG Q Y, et al. Distributed WSN intrusion detection model based on deep forest algorithm. Journal of Lanzhou University of Technology, 2020, 46(4): 103- 109.
15	田婷, 虞延坤, 牛新征. 边缘计算环境下基于深度学习的DDos检测. 计算机测量与控制, 2023, 31(7): 28-34, 168.
	TIAN T, YU Y K, NIU X Z. DDos detection based on deep learning in edge computing environment. Computer Measurement & Control, 2023, 31(7): 28-34, 168.
16	SINGH P, JAYKUMAR J, PANKAJ A, et al. Edge-detect: edge-centric network intrusion detection using deep neural network[C]//Proceedings of the 18th Annual Consumer Communications and Networking Conference. Washington D. C., USA: IEEE Press, 2021: 1-6.
17	李晓佳, 赵国生, 汪洋, 等. 面向CNN和RNN改进的物联网入侵检测模型. 计算机工程与应用, 2023, 59(14): 242- 250.
	LI X J, ZHAO G S, WANG Y, et al. Improved intrusion detection model of Internet of Things for CNN and RNN. Computer Engineering and Applications, 2023, 59(14): 242- 250.
18	DORIGUZZI-CORIN R, MILLAR S, SCOTT-HAYWARD S, et al. LUCID: a practical, lightweight deep learning solution for DDoS attack detection. IEEE Transactions on Network and Service Management, 2020, 17(2): 876- 889. doi: 10.1109/TNSM.2020.2971776
19	KIRANYAZ S, AVCI O, ABDELJABER O, et al. 1D convolutional neural networks and applications: a survey. Mechanical Systems and Signal Processing, 2021, 151, 107398. doi: 10.1016/j.ymssp.2020.107398
20	KIRANYAZ S, GASTLI A, BEN-BRAHIM L, et al. Real-time fault detection and identification for MMC using 1-D convolutional neural networks. IEEE Transactions on Industrial Electronics, 2019, 66(11): 8760- 8771. doi: 10.1109/TIE.2018.2833045
21	刘达山, 刘潞琦, 张光驰, 等. 基于深度学习的Attention机制文献综述. 信息技术与信息化, 2023,(1): 189- 194.
	LIU D S, LIU L Q, ZHANG G C, et al. Literature review of attention mechanism based on deep learning. Information Technology and Informatization, 2023,(1): 189- 194.
22	WANG Q L, WU B G, ZHU P F, et al. ECA-Net: efficient channel attention for deep convolutional neural networks[C]//Proceedings of IEEE/CVF Conference on Computer Vision and Pattern Recognition. Washington D. C., USA: IEEE Press, 2020: 11531-11539.
23	WOO S, PARK J, LEE J Y, et al. CBAM: convolutional block attention module[C]//Proceedings of ECCV 2018. Berlin, Germany: Springer, 2018: 1-10.
24	SHARAFALDIN I, LASHKARI A H, HAKAK S, et al. Developing realistic Distributed Denial of Service(DDoS) attack dataset and taxonomy[C]//Proceedings of 2019 International Carnahan Conference on Security Technology. Washington D. C., USA: IEEE Press, 2019: 1-10.
25	李忠成, 高惠燕, 张文祥. 边缘计算中改进ELM的高效入侵检测算法. 计算机测量与控制, 2021, 29(7): 223-228, 234.
	LI Z C, GAO H Y, ZHANG W X. An efficient edge computing intrusion detection algorithm based on improved ELM. Computer Measurement & Control, 2021, 29(7): 223-228, 234.
26	MYNENI S, CHOWDHARY A, HUANG D J, et al. SmartDefense: a distributed deep defense against DDoS attacks with edge computing. Computer Networks, 2022, 209, 108874. doi: 10.1016/j.comnet.2022.108874
27	HUANG H C, YE P X, HU M, et al. A multi-point collaborative DDoS defense mechanism for IIoT environment. Digital Communications and Networks, 2023, 9(2): 590- 601. doi: 10.1016/j.dcan.2022.04.008

[1]	Shiming PENG, Shiyang LIN, Shuo JIA, Miaohui YANG. Multi-Objective Optimization Task Offloading Strategy Based on Load Prediction [J]. Computer Engineering, 2024, 50(1): 206-215.
[2]	Ruijun YANG, Jinjing QIN, Yan CHENG. Low-Light Enhancement Model in Natural Scenes Based on Generative Adversarial Network [J]. Computer Engineering, 2024, 50(1): 279-288.
[3]	Xiaofeng XU, Yunzhi HUANG, Jun XU. Dual-Branch Vascular Segmentation Model Based on Anisotropic Attention [J]. Computer Engineering, 2024, 50(1): 348-356.
[4]	Zhiqiang WU, Qing XIE, Lin LI, Yongjian LIU. Graph Neural Network Recommendation Algorithm Based on Multimodal Fusion [J]. Computer Engineering, 2024, 50(1): 91-100.
[5]	Wenshun SHENG, Xiongfeng YU, Jiayan LIN, Xin CHEN. Small-Scale Object Detection Algorithm Integrating Attention and Feature Pyramids [J]. Computer Engineering, 2024, 50(1): 242-250.
[6]	Xiaodong SU, Shizhou LI, Jiayuan ZHAO, Hongyu LIANG, Yurong ZHANG, Hongyan XU. Image Semantic Segmentation Based on Multi-level Superposition and Attention Mechanism [J]. Computer Engineering, 2023, 49(9): 265-271, 278.
[7]	Jing YANG, Minghua LU, Jieqiong MA, Jinping WU, Xingxuan LIU. Underwater Defense Posture Prediction Method Based on Alternating Recurrent Neural Network [J]. Computer Engineering, 2023, 49(9): 69-78.
[8]	Lu HAN, Weigang HUO, Yonghui ZHANG, Tao LIU. Multivariate Time Series Forecasting Based on Multi-Scale Feature Fusion and Dual-Attention Mechanism [J]. Computer Engineering, 2023, 49(9): 99-108.
[9]	Yujiang LONG, Wei WEI, Yu SHU, Zhenggang ZHANG, Daolei WANG, Feng LI. Detection Method for Damaged Rotating Insulator Based on Adaptive Key Points [J]. Computer Engineering, 2023, 49(9): 272-278.
[10]	Fangyu FENG, Xiaoshu LUO, Zhiming MENG, Guangyu WANG. Facial Expression Recognition Based on Anti-Aliasing Residual Attention Network [J]. Computer Engineering, 2023, 49(8): 190-198.
[11]	Shupeng WANG, Yindi HE. Uneven Illumination Image Enhancement Algorithm Fusing Feature Attention Mechanism [J]. Computer Engineering, 2023, 49(8): 232-239.
[12]	Haoxin LIU, Chao DONG, Zhinan GOU, Kai GAO. Few-Shot Relation Extraction Method Fusing with Hybrid Representation [J]. Computer Engineering, 2023, 49(8): 63-68.
[13]	Changpei YANG, Liefa LIAO. Chinese Named Entity Recognition Based on Dilated Gated Convolution Feature Fusion [J]. Computer Engineering, 2023, 49(8): 85-95.
[14]	Yuqi BAN, Liguo DUAN, Haoyu WEN, Aiping LI, Jumin ZHAO. Research on Mobility-Aware Computation Offloading and Resource Allocation Strategy [J]. Computer Engineering, 2023, 49(8): 163-173.
[15]	Junhao LIU, Meilin WANG, Xing XIE, Yexing SONG, Lihua XU. Leather Defect Detection Algorithm Based on Improved YOLOv5 [J]. Computer Engineering, 2023, 49(8): 240-249.

Please choose a citation manager

Content to export