A Resource-Based Pricing Collaborative Approach for Mitigating DDoS Attack in Mobile Edge Computing

Lu Chen,Hongbo Tang,Wei You,Yi Bai

Information Engineering University,Zhengzhou 450002,China

Abstract: Resource-constrainted and located closer to users,edge servers are more vulnerable to Distributed Denial of Service(DDoS)attacks.In order to mitigate the impact of DDoS attacks on benign users,this paper designed a Resource-based Pricing Collaborative approach (RPC) in mobile edge computing.By introducing the influence of resource prices on requester in economics,a collaboration model based on resource pricing was established,and the allocation of user request was regarded as a game strategy to obtain the overall minimum offloading cost of the user in network.The article theoretically proved the existence and rationality of the Nash equilibrium.Finally,simulation results verified the effectiveness and feasibility of the proposed approach in two experimental scenes.Experimental results shows that RPC can effectively improve the network ability to mitigate DDoS attacks,and alleviate the adverse effects of server attacks under delay constraints.

Keywords: mobile edge computing;DDoS attacks;resource-based pricing;game theory;Nash equilibrium

I.INTRODUCTION

With the constant development of software and hardware in recent years and complex mobile applications of mobile devices,the calculating mobile terminals need to handle significantly growing needs.The existing cloud computing can solve problems that cannot be handled locally to a certain extent.However,due to its long transmission distance and long delay,the existing cloud computing fails to meet the timeintensive and safety-intensive requirements [1],and thus is not suitable for mobile applications such as Augmented Reality(AR)[2],Virtual Reality(VR)[3]and auto-driving vehicular networks [4].Therefore,mobile edge computing (MEC [5]) came into being.MEC provides smart service and cloud computing capabilities for mobile networks by deploying computing capacity and storage resources at the edge of the network,thereby providing users with ultra-low latency and high-bandwidth network service solutions.

While providing users with high-quality services,the MEC also faces new security challenges.On the one hand,MEC is deployed adjacently to expose the server to the edge of the network as needed,which objectively shortens the distance between the attacker and the MEC physical facility which provides convenience and opportunities for attacker to access MEC physical facility.On the other hand,MEC allows third-party access through open interfaces,thus inviting malicious users.Attackers can invade the MEC server through third-party applications,leading to security threats such as illegal access to MEC server,for instance,node intrusion,data leakage,and information tampering [6].Particularly,due to the limited of computing resources,storage resources,and energy resources of the MEC server nodes,attackers can launch specific request to form Distributed Denial of Service(DDoS)attacks by malicious offloading,resulting in the exhaustion of edge nodes and leading to QoS degradation or service failure,especially for low-latency benign users.For example,in 2016,the number of Mirai zombies [7] that radiated the world has reached one million,which were used to carry out DDoS attacks on websites and service providers:KrebsOnSecurity.com,French website host OVH,and American domain name service provider Dyn.

Therefore,it is necessary to mitigate the impact of DDoS attacks.Since the density of edge servers in the actual network in 5G deployment can reach 50 base stations perkm2,and the servers will be connected by high-speed links[8],we can take advantage of the edge server for collaboration,which used idle servers resources to provide additional help for alleviating the adverse effects of DDoS.Based on the rational choice principle in general market economics and Mankiw economic theory [9],this article makes the following assumptions:

A.The market hopes that the transaction participants will be satisfied,and the benefits of the resource providers will be roughly balanced.

B.In the case of using the same service,a requester wants to pay as low as possible.

C.Different servers have the same price adjustment methods for alleviating offloading,and the price adjustment methods for local users are relatively fixed.

In view of this,this study focuses on how to reasonably select the best offloading strategy for the requester by MEC idle resource based on Resource Pricing,with the goal of minimizing the overall network overhead in order to alleviate the impact of DDoS attacks.The main contributions of this article are listed as follows:

? In order to alleviate the offloading request allocation problem under DDoS attacks,this paper introduced the pricing mechanism in economic principles and established the MEC mitigation cost model with optimization goals.

? To solve the request allocation problem,it is essential to find the best offloading solution,which involves a large number of strategies.To deal with the highly complex issue,this paper proposed a game model for large-scale offloading,and theoretically proved that the proposed game model is a potential game and admits at least one Nash equilibrium.

? Extensive evaluations have been conducted on a small-scale dataset and a real-world dataset to demonstrate the effectiveness and efficency of the proposed approach.The results show that our approach outperform the state-of-the-art and baseline approaches in terms of cost and latency.

The rest of the article is organized as follows: Section II briefly introduces related work and research status.Section III presents an example to describe the motivation.Section IV introduces the establishment and optimization goals of the cost model.Section V proves the existence of Nash equilibrium and the rationality of the optimization results from a theoretical perspective.Section VI analyzes the effectiveness of our proposed approach from an experimental perspective.Finally,Section VII summarizes the work of this paper.

II.RELATED WORK

In this section,we briefly describe the research status of DDoS attacks defense technology in cloud computing and MEC.

2.1 DDoS Attack in Cloud Computing

DDoS attack is a universal key attack[10],which has plagued MEC for several years.In order to reduce the impact of DDoS attacks on the network,researchers have solved this problem in the following ways: Prevention,Detection and Mitigation Techniques.The prevention mechanism in cloud computing can be regarded as an active strategy for all users,among which the commonly technologies are Challenge/Response protocol [11],Hidden Servers/Ports [12],Restrictive source,and Access approach [13,14].Attack detection methods distinguish between benign and malicious attacks by analyzing and evaluating access services on the cloud server.The main technologies are Anomaly Detection [15],BotCloud Detection [16],and Usage of Resource Method [17].The mitigation technology in cloud computing plays its role mainly by migrating the request to other available servers to provide computing services for benign users[18—20],which adopts the side-cloud collaborative approach to alleviate the adverse effects of DDoS.The key in the mitigation technology is to match the offloading request with the resource in cloud.This paper focuses on the mitigation technology of DDoS attacks,balancing the server status based on the impact of server resource pricing on offloading requests,thereby providing service guarantees for users in the network.

2.2 DDoS Attacks in Mobile Edge Computing

Compared with cloud computing,the processing power and storage capacity of mobile edge servers are limited,and the deployment position of edge servers in the network is also different from that of cloud servers.Therefore,in dealing with DDoS attacks,it is necessary to redesign and consider the defense methods of DDoS attacks based on different characteristics.In the MEC environment,most studies focuses on the trade-off between delay and energy consumption,while there are relatively few solutions for mitigating DDoS attacks.The purpose of almost all studies is to improve the quality of service for users by optimizing the offloading scheme.

To improve the offloading success rate under resource-constrained conditions through the trade-off of delay and energy consumption,Dad et al.[21]jointed task allocation and resource allocation problems to maximize energy,and less terminal application latency.Liu et al.[22] focused on minimizing the relaxation time,reducing the interval between subtasks in the server to improve the efficiency.Erf et al.[23] designed a multi-resource allocation mechanism to accommodate external resources,and proved that its algorithm can achieve Pareto optimal.Aiming at the scenario where MEC is used for computational offloading in the Internet of Vehicles,a multilevel offloading mechanism is designed according to the Stackelberg game theory [24],in which the existence of the Nash equilibrium is proved.Li et al.[25]used a deep reinforcement learning algorithm to solve the complex computation offloading problem for the heterogeneous Edge Computing Server(ECS)collaborative computing.In addition,there are articles aiming at the risk of offloading and introducing Prospect Theory and Tragedy of the Commons to increase the expected unity of users and reduce the risk of network offloading[26,27].

Although these optimization strategies can improve user service quality to a certain extent,they are not focused on mitigation methods under DDoS attacks.There is not much research on the mitigation methods of DDoS attacks[28—30].Tan et al.introduced a defense orchestrator,which was responsible for defense cooperation between the MEC,in order to reduce the failure rate of the user to offload[28].Yet this added an additional control entity,increasing the complexity of management.Yan et al.introduced the ballsand-bins theory to balance the load of edge servers by reducing the length of the waiting queue of the entire network[29].This method can be transplanted to MEC,but it is more suitable for mobile cloudlet network.Lai et al.[30]proposed an approach to solve the user allocation problem which can maximize the number of users.The QoS level,or the computing resource requirement,of each user can be flexibly adjusted,but changing the user’s Qos level is only suitable for specific application scenarios,and it did not play a fundamental role in mitigating DDoS attacks.Therefore,it is necessary to develop a method to mitigate DDoS attacks in MEC to ensure the offloading service of benign users.

This article aims to improve the quality of offloading services for users by minimizing the cost of users across the entire network.With the cooperation between MEC servers,the proposed RPC approach exploits the idle resources to help other server under DDoS attacks,which can alleviate the impact of DDoS attacks on the network.

III.MOTIVATION

In this section,we introduce the research motivation for this paper and give an example for further illustration.

DDOS attackers can launch an attack as mobile devices deployed in the network send a large number of computing tasks to a specific MEC server or launch a malicious offloading,resulting in an oversupply of workload resources in the MEC.This leads to node service failure.Meanwhile,it may cause other user services to time out.When there are one or more DDoS attackers in the edge computing network,the malicious user could consume the limited computing and storage resources of the MEC servers excessively,which resulting in unsatisfied requests of benign users.To solve this problem,it is necessary to design a MEC collaboration method to mitigate the impact of DDoS attacks.As shown in Figure 1,the network involves 5 MEC servers(s1,s2,...,s5)and 7 users (u1,u2,...,u7).There is a corresponding connection relationship between the MEC servers.Each server covers a certain geographic location and can perceive the user requests within its own coverage.Unfortunately,there are two DDoS attackers in the network,u2andu7respectively,which launched attacks on MEC serverss3ands4by abusing their service resources to cause service failure.At this time,fortunately,other idle servers can cooperate to provide resources to solve incoming service requests.Bothu1andu3can be diverted tos1,s2ors5through the connection relationship between the MEC servers upon satisfying the time delay constraint.However,it can be seen from many possible choices that due to the different proportion in the current idle state of each server,there are optimal and sub-optimal solutions.It is the worst case that bothu1andu3chooses2for offloading service.Meanwhile,the capacity ofs2is already close to saturation.It will be unable to provide services for newly arrived requests for alleviating other users,and it needs to be transmitted to a further MEC server,such ass1,ors5throughs3.By this way,it will not only bring additional transmissions overhead,but also unnecessary delay impact.It can be seen from the example that considering additional transmission costs and server idle state,it is better to offloadu1andu3tos1than to offload them to the other two candidate servers.Therefore,with the goal of minimizing the offloadinging cost of users across the entire network,this article designs a collaborative method through server resource-based pricing to reduce the impact of DDoS attacks on MEC.

Figure 1.An example of mitigating request with DDoS attackers in mobile edge servers.

Figure 2.The flow chart of RPC.

IV.PROBLEM FORMULATION

In this section,we formulate the mitigation problem into network model,cost model and optimization model,and offer a solution.

4.1 Network Model

We setS=(s1,s2,...,sm) representing themMEC servers andUSER=(u1,u2,...,un) representing thenusers with its request task asTASK=task(i),i ∈ Uin the mobile computing network,and each server has a capacity ofCAP=(cap1,cap2,...,capm),which comprehensively includes computing capacity,and storage capacity.Adjacent MEC servers can transmit user service requests,and provide services for users who are not within its coverage area through collaboration.We define the occupation state of each server at timetasSTATE=(state1(t),state2(t),...,statem(t)),statej(t)∈[0,1],?j ∈m.The occupation status of the server will be updated after each round of request placement.

Since the transfer between servers will bring additional overhead,which is mainly reflected in the time delay,we set a maximum tolerance constrainthopmaxfor each request to represent delay constraints,which is the maximum number of hops that MEC servers can tolerate to transfer.The value ofhopmaxcan be specifically set according to the user’s sensitivity to the delay requirements.For example,the larger thehopmax,the looser the user’s requirements for time delay,and the more urgent it is to successfully offload the service,and vice versa.Largerhopmax,more mitigation costs will be brought.Therefore,it is necessary to comprehensively consider the idle state of the network server and the user constraint requirements.

4.2 Cost Model Based on Resource Pricing

In order to select the best solution to alleviate the request distribution,we borrowed economic theory to schedule and manage MEC network server resources.From the perspective of the service requester,we design some cost functions for requester to offload under the collaborative approach of MEC servers.

In the RPC approach proposed in this paper,we first determine the pricing rules when the server state is busy or idle.Here,first of all,it is clear that the price proposed in this article refers to the amount of energy consumed by unit tasks offloaded to the MEC server.Then,the influence of resource’s price on requester in economics is introduced as a determining method forselecting suitable service providers.Finally,the cost function of the requester in the network at a certain time is minimized to alleviate the impact of DDoS attackers on normal users’requests.The main symbols and descriptions involved in the article are shown in Table 1.

Table 1.Main symbols and description.

Table 2.Experiment settings of Scene 1.

The cost function is discussed in three cases.First,local service;second,the mitigation approach based on resource pricing is activated,with service successfully provided;and the third,the mitigation approach is activated but the computing offloading failed,as shown in Figure 2.First of all,we define a basic pricep0for each MEC server,which is the cost price in a completely idle state and the lowest price when providing services to users in its own coverage area.If a useruiis within the coverage of the MEC serversj,and the spare service ofsjcan meet the amount of offloadingtask(i),then the user will first choose the MEC server to which he belongs,and there is no need to cooperate to alleviate the offloading service.Therefore,the offloading cost ofuitosjin the most ideal situation is shown in Eq.(1a):

Figure 3.Topology of Scene 1.

Figure 4.Cost VS penalty/p0 with different hopmax.

Here Eq.(1b) emphasizesuibelonging to the MEC serversj,and Eq.(1c) ensures that the current idle state of the server can meet the needs oftask(i).

In the second case,if the currently attributable server cannot meet the service demand,the mitigation offloading mode needs to be turned on.In this case,the service price of the offload server will be priced based on its idle state,and it will definitely be higher than the service price of the local task.

The value of floating price ?pj(t)depends on the idle state of the server.The more the remaining service resources of the server,the smaller the ?pj(t) while the less remaining service resources of the server,the lager the ?pj(t).We choose a functionf(statej(t))to define the change in ?pj(t)withstatej(t)at timet.

In the second case,the cost function ofuitosjis defined as Eq.(4a):

For the third case,in spite of the collaborative mitigation and diversion measures,the offloading still fails.At this time,the cost fromuitosjis defined as Eq.(5a):

wheremissrepresents the penalty coefficient for offloading failure(such as retransmission).This value is much greater than thep0.

Summarizing the above three scenarios,we can get the offloading cost function from useruitosjas Eq.(6).

4.3 Optimization Model with Game Theory

Based on the cost model of resource-based pricing in Section 4.2,the optimization model objective can be defined as finding the minimum value of the cost function of all users in the network under the constraint conditions.In order to solve this problem,we introduce the game theory,which regards the user’s task request and server selection as a series of strategies.We defineA{i,j}means thatuiselectssjto offload task,where A is a binary number.

Then,we can get an optimization target based on the selected strategy,as shown in Eq.(8a):

Under Eq.(8b) constrains that each user can only select one server for offloading,and Eq.(8c) reflects the user’s constraints on delay.In Eq.(8d),if Γ(i,j)=0 indicates that the offloading is successful,Γ(i,j)=1 indicates that the offloading fails.In this way,we can obtain RPC for mitigating DDoS attacks in MEC according to Eq.(8a).

V.THEORETICAL ANALYSIS AND ALGORITHM DESIGN

In this section,we conduct a theoretical analysis on the rationality of the solution of the optimization model,and make a specific description of the algorithm.

5.1 Theoretical Analysis

This study transforms the global optimization problem of resource pricing-based offloading by users in MEC into a cost function-based resource offloading game for user nodes.This section makes a specific analysis of the game model,proving that the game model is a potential game with a given potential function,and the existence of Nash equilibrium in the game is also confirmed.Therefore,the Nash equilibrium can be achieved through the distributed game between edge nodes,so that the global cost function value in the system tends to be stable.

5.1.1 Game Formulation

First of all,we establish a game model for the offloading decision of user nodes in MEC,and then find the optimal solution of Eq.(8a).The users are simulated as individual players,making allocation decisions to specific edge servers.The specific offloading strategy adopted by useriis recorded asai=j(j ∈{0,m} ∪) for eachi ∈n.The set of all possible allocation strategies fornusers in the MEC network is recorded asAi,?ai ∈Ai.We usea?i=(a1,a2,...,ai?1,ai+1,...,an?1,an) to represent the allocation decisions made for all the other user nodes except useri.For a givena?i,the goal of the user node is to maximize its own profit function byai:

whereUn(ai,a?i) can be expressed by the following Equation:

Therefore,the user task offloading game in this article can be expressed asG={I,Ai,Un,n∈I},whereIis the set of user nodes participating in the game,Aiis the allocation strategies of all user nodes,andUnis the revenue function of users.

5.1.2 Game Property

User nodes in the game seek to maximize their own interests.When all user nodes in the game cannot change their own strategies to increase their own profits,it is called a Nash equilibrium.

Proof.We e assume that there is another optimal strategywhich can lower the entire network costs by collaborating with the server.According to the assumption,there should be Eq.(11).

Here we divided it into four scenarios for discussion.

Case 1.,which means that the optimal strategy and other strategies have failed to offload.Eq.(11)is simplified to:

Since the first term of Eq.(13)is a non-negative number,and the second term is also a non-negative number with the condition of Eq.(5d),the value of Eq.(13)is greater than 0,which is contrary to Eq.(11).Thus this assumption does not hold.Case 4.which means that bothhave offloaded successfully.We introduce the potential function to prove the existence of Nash equilibrium.

Theorem 2.(Potential Game) In Case4,given Eq.(14)is the potential function of the game[31],the task offloading game model G is the potential game.

Therefore,Theorem 2 holds.

Theorem 3.At least one Nash equilibrium exists in the potential game model G.Proof.The strategy combinationSTis a sequence subset composed of theAi,?ST=st1,st2,...,st|ST|,ST ∈ Ai.AnySTelement in the strategy combination satisfiesUi(str+1,a?i)≥Ui(str,a?i),?str ∈ST,that is,the profit of the latter element in the strategy sequenceSTis higher than the previous one,and the sequence is called an improvement path,because in a given MEC system,the elements of the strategy spaceAiof the useriare limited.The strategy combinationSTis also limited,and therefore the improvement path is limited.GameGhas finite improvement properties(Finite Improvement Properties,FIP),and thus there must be at least one finite improvement path,so that the income function grows with the improvement path,and finally reaches the maximum value,or the Nash equilibrium.Therefore,Theorem 3 holds.In summary,combining the above four situations,the optimization problem of Eq.(9)can be solved by game theory.Therefore,Theorem 1 holds.

5.2 Algorithm Design

Algorithm 1.The RPC algorithm.

In order to further realize the application of the cost model,we have designed a RPC distributed algorithm.The specific algorithm description is expanded below.

The purpose of the RPC algorithm is to find the minimum cost of all end users in network.The algorithm calculates the user’s offloading cost based on the three cases in Section 4.2 (Lines 1-18).Before each selection,it will first determine whether the current server’s busy/idle status can meet the task load of this offload and the delay constraint,through the interconnection between edge servers or base stations [32].If there is a strategythat could bring a cost less thansj,then the offloading strategy will be updated(Lines 3-14).Particularly,if there is the same minimum cost existing in multiple strategies,a strategy is randomly selected to offloading.In addition,the RPC algorithm will regard theA′{i,j}as an alternative strategy for other players to make decision updates(Lines 19-24).Therefore,the algorithm will eventually reach a Nash equilibrium,when there are no more strategies that canreduce the offloading cost of users across the entire network.

VI.PERFORMANCE EVALUATION

In this section,we evaluate the performance of RPC approach through small-scale network and real-scale network,and then we will analyze the experimental results.

6.1 Experiment Settings

We set up two sets of experiments for performance evaluation: one is a small-scale network experiment(Scene 1),and the other is an real-scale network experiment(Scene 2).In Scene 1,we conducted parameter discussion and performance simulation on small-scale networks,of which topology is shown in Figure 3.To get closer to reality,we adapt the widely used public data set EUA dataset[33]as the experimental data in Scene 2.

The EUA dataset is collected from real-world data sources which contains the geographical locations of end-users and cellular base stations in Australia.Here we regard each cellular base station as a MEC server that can provide offloading services.We randomly select 128 edge nodes in Melbourne in the data set as theMEC environment,and the coverage radius of each MEC server is randomly set from 50 to 300 meters.Figure 9 shows the location and coverage of the MEC server.

In order to verify the effectiveness of the RPC approach,we discussed and analyzed the offloading cost and the average latency in the two scenes under the changes of five parameters through simulation process.Among them,the simulation environment condition settings of the two experiments are shown in Table 2 and Table 3.We choose three other methods as comparison in both Scene 1 and Scene 2,which are random,polling and DQS2019 [30] (Dynamic Quality of Service).In particular,the comparative analysis of the convergence time is further verified in Scene 2.Random algorithm will randomly select a server withinhopmaxand state constraint for each offloading user.Polling algorithm will select the server in order to offload,which meet thehopmaxand state constraint.DQS2019 solves the offloading allocation problem where each user has a fixed QoS level,and always selects the cheapest price in the time constraint.ALL experiments are written in Matlab 2019b and conducted on a Window machine equipped with Intel Core i7-10875H processor (4CPUs,2.3GHz) and 16GB RAM.Without loss of generality,all simulations are performed 100 times and averaged as the final performance.

6.2 Experiment Scene 1

First of all,we simulate the cost of user offloading in a small-scale network.Table 2 presents the detailed parameters setting of Scene 1.In the experiment,the parameters of the server,penalty/p0,hopmax,capacity,and the attacker target servers are sequentially changed to analyze the cost function.In particular,according to the constraint condition of Eq.(8a),the relationship betweenpenalty/p0,hopmaxconstraint and cost function is discussed.In order to simplify the analysis,we set the task to be 1.

6.2.1 Parametric analysis

Figure 4 shows the relationship between the cost value andpenalty/p0,under differenthopmax.It can be seen from the Figure 4 that the value of the cost function increases as the size ofpenalty/p0gradually increases.Because the increase in the value ofpenalty/p0means that users are more sensitive to delay constraints.Therefore,the values ofpenalty/p0should be set according to the user’s sensitivity to delay and the user’s ability to pay for resources.However,with the increase ofhopmax,the overall cost is not always reduced.For example,whenhopmax=2 or 3,since there are more servers that can be selected,it is convenient for users to choose servers with more idle resources for offloading,so the cost is lower thanhopmax=1.Although whenhopmax=4 there is with more choices,the total cost will not be further reduced,because more hops will bring more other overheads such as time and energy.Therefore,to integrate server idleness and delay constraints,we choosehopmax=3 as the simulation solution in most scenes.Emphasized that,hopmaxcan be changed according to the specific environment in the network.

6.2.2 Evaluation Performance

In Scene 1,we evaluate the performance from four aspects: scalability,parameter influence,server capability and anti-attack capability.Figure 5 and Figure 6 show the results of Scene 1,including the simulation results of the total offloading cost and average latency achieved by four methods under different parameter settings.In all scenarios,the RPC maintains the smallest overhead and the lowest offloading delay,and other methods are significantly higher than RPC.

Figure 5.Experimental results of Scene 1 in cost.

Figure 6.Experimental results of Scene 1 in latency.

Figure 7.Experimental results of Scene 2 in cost.

Figure 8.Experimental results of Scene 2 in latency.

Scalability:Figure 5a and Figure 6a shows the relationship between the total cost and average latency with the number of servers under four strategies.As the number of servers increases,all the costs and latency of the four strategies rise.The reason is as the number of servers in the network increases,the distance between the requester and the server within the optional delay constraint also increases,resulting in higher offloading costs and delays.Yet in the same environment,the RPC can obtain the lowest value of cost and delay among the four strategies by weighing the relationship between distance and price.

Parameter influence:Figure 5b and Figure 6b discuss the relationship between total cost and time constraint.As can be seen in Figure 5b,with the increase ofhopmax,the overhead of all four strategies also increases.However,extent of increase of the other three methods is significantly higher than that of the RPC algorithm.In particular,whenhopmaxis greater than 3,DQS2019 only tries its best to choose the lowestpriced server and ignores the penalty brought by the forwarding process,and thus the offloading cost remains high.Meanwhile,the RPC algorithm comprehensively considers the server status and delay sensitivity constraints,and can achieve the Nash equilibrium of the network at a certain moment,thereby obtaining the lowest overall overhead.In Figure 6b,the latency of RPC approach first rises and then falls.This is because the connection relationship and the number of nodes in the small-scale network topology are limited.When thehopmaxis loosened to 4,the server that meets the conditions can be found,which reduces the possibility of retransmission and service timeout,thereby reducing the average latency.

Figure 5c and Figure 6c discuss the relationship between avarage latency and time constraint withpenalty/p0.Obviously,as the penalty increases,the cost of the four algorithms increases,but the cost of RPC is the lowest.This is because increasing the penalty coefficient for the additional delay will obviously act on the single strategy that only considers seeking the individual for the minimum cost,while ignoring the load balancing of the overall network server state.Therefore,the RPC algorithm achieved the lowest overall overhead.From another perspective,penalty/p0represents the magnitude of the security threat and the sensitivity to energy consumption during the MEC cooperative forwarding process.The larger the value,the more the user focuses on security.Therefore,nodes with fewer hops will be selected for the service to reduce the talency.The smaller the delay is,the less sensitive the user will be for energy services,and the more willingness the user will show to seek services from nodes with high idleness and low resource prices.Therefore,in Figure 6c,the latency decreases aspenalty/p0increases.

Server Capacity :Figure 6d and Figure 7d shows the relationship between total overhead and latency with server capacity.It can be seen from the Figure 5d that as the server capacity increases,the overall network overhead of the four algorithms decreases.This is because the stronger services the server can provide,the more idle time the server will have for the same amount of tasks,the lower the resource price,and the lower the total network overhead.It can be seen from the figure that compared to the other three algorithms,the total cost of the RPC method decreases the fastest,because it can select a suitable service provider for the requester under the premise of comprehensive server idle state and delay constraints,as well as latency.

Figure 9.Topology of Scene 2.

Anti-attack capability:Figure 6e and Figure 7e shows how the total cost and latency vary with the number of attackers’ target servers.As can be seen from the figure,as the number of attacked servers increases,the overall network offloading overhead also increases.In particular,the cost of polling algorithm and DQS2019 algorithm has increased significantly,but the cost of the RPC method we proposed has the slowest increase.This is because when multiple edge servers in the network are in a saturated state,more requests will not be satisfied and eventually lead to offload failure,espescially in Random method.The RPC algorithm can better guarantee the success rate of offloading requests,so as to achieve the lowest overall network overhead.In Figure 6e,the RPC can offer the offloading mitigation request allocation strategy under the DDoS attacks by better coordinating idle resources between servers,and thus it can greatly reduce the average offload delay in the network.This also reflects the attack resistance of the RPC algorithm and the ability to mitigate the impact of DDoS attacks.

6.3 Experiment Scene 2

In the second scheme,we used a network scale of 23～27servers from EUA dataset for performance evaluation.Its topological relationship is shown in Figure 9.Similar to Scene 1,Figure 7 and Figure 8 show the results in the total offloading cost and average latency of the network under the five parameter changes in Table 3.In addition,considering the ap-plication in the actual network,we discuss the convergence time of the algorithm under different scale edge servers.

Table 3.Experiment settings of Scene 2.

Table 4.Comparison of convergence time.

6.3.1 Convergence Time

The convergence time reflects the feasibility of the algorithm in practical applications.This section evaluates the convergence time of the RPC algorithm.Table 4 shows the comparison of the convergence time of the four algorithms under different scale edge servers.It can be seen from the Table 4 that the convergence time of the RPC algorithm is similar to that of the Random and Polling algorithm,while DQS2019 algorithm that takes the most time.This is because compared to the DQS2019 algorithm,the time complexity of RPC isO(nm+n),while the complexity of the DQS2019 algorithm isO(nmlogm) .It can be seen that the RPC algorithm is relatively low in complexity compared with other algorithms,and at the same time it can obtain a better offloading effect.

6.3.2 Evaluation Performance

In Scene 2,we evaluate the performance of the RPC approach from the same four aspects as Scene 1: scalability,parameter influence,server capability and antiattack capability.It can be seen from Figure 7 and Figure 8,consistent with the simulation results of Scene 1,the total cost and average latency of the RPC are the smallest among the four methods,but there are slight differences under certain conditions.

Scalability :Figure 7a and Figure 8a show the results of changes in cost and latency with the number of servers under four strategies in real-scale network.Compared with Figure 5a and Figure 6a,the cost and average latency increases sharply with the variation of the number of servers.Especially in Figure 8a,the latency in three other methods is significantly higher than that of the RPC algorithm.The reason is that the RPC not only pursues the optimal choice of a certain user,but also optimizes it based on the overall service considerations of network participants.In the scenario where the number of edge servers is 27the average latency of the RPC algorithm is only 48.1%of Random algorithm,49.2% of Polling algorithm,and 47.7% of DQS2019 algorithm.Therefore the RPC algorithm is more suitable for large-scale network application scenarios than other algorithms.

Parameter influence:Like Figure 5 and Figure 6,Figure 7b,Figure 8b,Figure 7c and Figure 8c discuss the impact of the parametershopmaxandpenalty/p0on the overall cost and average latency in the scenario where the number of edge servers is 26.The changing trends of Figure 6c and Figure 8c are roughly the same.Here we mainly focus on the difference between the simulation results and Scene 1.In Figure 8b,whenhopmax=1,the latency of RPC is high.As thehopmaxgradually increases,the latency decreases sharply and then stabilizes.The reason is that when there is only one hop,many users cannot reach the ideal mitigation strategy,and thus they need to retransmit the offloading request,which greatly increases the overall average delay of the network.When the time constraints are relaxed,users can find a suitable mitigation strategy,and thus the average latency tends to stabilize.On the contrary,in Figure 6b,due to the network topology connection relationship and the number of servers,the stability of the delay needs to be achieved when the hop value is loosen to 4.In general,under different time constraints and penalty factors,the RPC has achieved the smallest offloading cost and the lowest average delay,which shows that it is also suitable for large-scale networks.

Server Capacity :Figure 7d and Figure 8d discusses the impact of edge server capability on cost and average latency in a large-scale network.Similar to Scene 1,in a network with 26edge servers,the overall cost and average latency decreases with with the rise of server capability.It can be seen from the figure that when the server capacity is 50,the cost of the RPC algorithm is reduced by 36.1% compared with DQS2019 algorithm,the best among the other three algorithms.The average latency of DQS2019 does not decrease with the changes of capacity like cost,because it does not consider the impact caused by the increase in hop count,and only pursues the lowest price server.Meanwhile,the RPC algorithm considers not only the idle state of the server,but also the overall overhead and hop penalty in each offloading requests.Therefore,the RPC algorithm proposed in this paper performs the best in simulation results.

Anti-attack Capability :Figure 7e and Figure 8e depict the changes in cost and latency with the number of MEC servers attacked by DDoS.It can be seen that in large-scale networks,unlike the other three algorithms,the network cost and average latency of the RPC algorithm does not change significantly with the increase in the number of attacked servers.Because the number of edge servers being attacked is generally a small number compared with a large number of servers,so the RPC algorithm can ensure that edge servers with appropriate pricing resources are found within the delay constraint to offload in most scenes.Other algorithms are likely to encounter the offloading failure.For example,even if DQS2019 can satisfy one request,but it may do not meet the request one after,which leads to a significant increase in the overall network cost and avergae latency.Therefore,this the RPC algorithm is able to mitigate the impact of DDoS attacks in real-scale networks.

VII.CONCLUSION

Focusing on the mitigation of the impact of DDoS attacks on computing offloading,this study designed an approach based on resources pricing.From the perspective of the cost of all users in the network,we established a cost calculation model based on resource pricing and delay constraints,which regarded the user’s offloading method as a game strategy,and then proved the existence of the Nash equilibrium through theoretical analysis.In the end,the minimum cost of the entire network has been found.The performance evaluation verifies the feasibility and effectiveness of the RPC method from the perspective of edge server networks of different scenes,which mitigates the malicious impact of DDoS attacks on offloading services of benign users.

ACKNOWLEDGEMENT

This study was supported by National Natural Science Foundation of China (No.61941114) and (No.61801515).