Active Defense by Mimic Association Transmission in Edge Computing

A large amount of real-time data, including user privacy information, control commands, and other sensitive data, are transmitted in edge computing networks. It requires high-speed and reliable data transmission in dynamic edge computing networks. Traditional methods with passive defense cannot cope with the covert and complicated attacks. Edge computing networks require active defense during data transmission. Existing active defense methods based on dynamic network ignore the connectivity and link quality reduced by attacks and do not adjust defense positively. To maximize the defense revenue in moving adjustment strategy, this paper proposes the model of active defense for edge computing network data interaction. In this model, the network topology mimic association protocol is designed to associate multi-paths and multi-parameters automatically. On one hand, considering the transmission reliability and defensive revenue reduction caused by dynamic network transformation, a real-time multi-feature anomaly detection algorithm based on Non-extensive entropy and Renyi cross entropy is proposed. Based on this, a moving communication path alliance can be constructed pseudo-randomly. On the other hand, this paper proposes a Hidden Markov based state prediction model and a mimic transformation strategy for The Network Topology Mimic Association Graph based on predicted states. Combining these two ways improves the data transmission service quality of the active defense technology in edge computing networks. Experiments are carried in simulated power networks. The results show that our method outperforms the popular methods in terms of transmission efficiency, reliability, and anti-attack performance.

[1]  Yu-Chee Tseng,et al.  Energy-Efficient Uplink Resource Units Scheduling for Ultra-Reliable Communications in NB-IoT Networks , 2018, Wirel. Commun. Mob. Comput..

[2]  Lilan Liu,et al.  Automated Quantitative Verification for Service-Based System Design: A Visualization Transform Tool Perspective , 2018, Int. J. Softw. Eng. Knowl. Eng..

[3]  Yucong Duan,et al.  Toward service selection for workflow reconfiguration: An interface-based computing solution , 2018, Future Gener. Comput. Syst..

[4]  Idit Keidar,et al.  Keeping Denial-of-Service Attackers in the Dark , 2007, IEEE Trans. Dependable Secur. Comput..

[5]  Jianhua Sun,et al.  DESIR: Decoy-enhanced seamless IP randomization , 2016, IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications.

[6]  Michael Atighetchi,et al.  Adaptive use of network-centric mechanisms in cyber-defense , 2003, Second IEEE International Symposium on Network Computing and Applications, 2003. NCA 2003..

[7]  Yueshen Xu,et al.  QoS Prediction for Mobile Edge Service Recommendation With Auto-Encoder , 2019, IEEE Access.

[8]  Honghao Gao,et al.  Applying Probabilistic Model Checking to Financial Production Risk Evaluation and Control: A Case Study of Alibaba’s Yu’e Bao , 2018, IEEE Transactions on Computational Social Systems.

[9]  Ming Wan,et al.  Event-based Anomaly Detection for Non-public Industrial Communication Protocols in SDN-based Control Systems , 2018 .

[10]  Joseph G. Tront,et al.  MT6D: A Moving Target IPv6 Defense , 2011, 2011 - MILCOM 2011 Military Communications Conference.

[11]  Kang Zhang,et al.  Applying improved particle swarm optimization for dynamic service composition focusing on quality of service evaluations under hybrid networks , 2018, Int. J. Distributed Sens. Networks.

[12]  Sai Ji,et al.  Energy-efficient cluster-based dynamic routes adjustment approach for wireless sensor networks with mobile sinks , 2017, The Journal of Supercomputing.

[13]  Mianxiong Dong,et al.  Learning IoT in Edge: Deep Learning for the Internet of Things with Edge Computing , 2018, IEEE Network.

[14]  Yueshen Xu,et al.  QoS Prediction for Service Recommendation with Deep Feature Learning in Edge Computing Environment , 2019, Mob. Networks Appl..

[15]  Yueshen Xu,et al.  Network Location-Aware Service Recommendation with Random Walk in Cyber-Physical Systems , 2017, Sensors.

[16]  Kevin S. Bauer,et al.  Have No PHEAR: Networks Without Identifiers , 2016, MTD@CCS.

[17]  Ehab Al-Shaer,et al.  Openflow random host mutation: transparent moving target defense using software defined networking , 2012, HotSDN '12.

[18]  Chunfu Jia,et al.  Research on Spatial Adaptive Strategy of End-Hopping System , 2013, 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies.

[19]  Jing Long,et al.  A Security Situation Prediction Algorithm Based on HMM in Mobile Network , 2018, Wirel. Commun. Mob. Comput..

[20]  D. Stork Optics and realism in Renaissance art. , 2004, Scientific American.

[21]  Jianqing Zhang,et al.  Application-Aware Secure Multicast for Power Grid Communications , 2010 .

[22]  Jiafu Wan,et al.  Toward Dynamic Resources Management for IoT-Based Manufacturing , 2018, IEEE Communications Magazine.

[23]  F. Richard Yu,et al.  A Multi-Level DDoS Mitigation Framework for the Industrial Internet of Things , 2018, IEEE Communications Magazine.

[24]  Qi Shi,et al.  Beyond the perimeter: the need for early detection of denial of service attacks , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[25]  Ehab Al-Shaer,et al.  Spatio-temporal Address Mutation for Proactive Cyber Agility against Sophisticated Attackers , 2014, MTD '14.

[26]  Bin Luo,et al.  Timing Channel in IaaS: How to Identify and Investigate , 2018, IEEE Access.

[27]  Marcin Szpyrka,et al.  An Entropy-Based Network Anomaly Detection Method , 2015, Entropy.

[28]  Jian Wan,et al.  Location-Aware Service Recommendation With Enhanced Probabilistic Matrix Factorization , 2018, IEEE Access.

[29]  Joseph G. Tront,et al.  The Blind Man's Bluff Approach to Security Using IPv6 , 2012, IEEE Security & Privacy.

[30]  Evangelos P. Markatos,et al.  Defending against hitlist worms using network address space randomization , 2007, Comput. Networks.

[31]  P. V. S. S. R. Chandra Mouli,et al.  A robust semi-blind watermarking for color images based on multiple decompositions , 2017 .

[32]  Craig A. Shue,et al.  The SDN Shuffle: Creating a Moving-Target Defense using Host-based Software-Defined Networking , 2015, MTD@CCS.

[33]  Mugen Peng,et al.  Edge computing technologies for Internet of Things: a primer , 2017, Digit. Commun. Networks.

[34]  Yang Haopu,et al.  Method for behavior-prediction of APT attack based on dynamic Bayesian game , 2016, 2016 IEEE International Conference on Cloud Computing and Big Data Analysis (ICCCBDA).

[35]  Rodrigo Roman,et al.  Mobile Edge Computing, Fog et al.: A Survey and Analysis of Security Threats and Challenges , 2016, Future Gener. Comput. Syst..