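Abstract
To address the denial-of-service (DoS) attacks faced by edge servers in edge computing systems, a DoS attack detection method based on parallel runtime verification is proposed. First, propositional projection temporal logic (PPTL) formulas are used to formally describe the expected behavior of the edge server and the characteristics of DoS attacks. Then, for the PPTL formulas to be verified, a parallel runtime verification framework is adopted that makes full use of the edge server's computing and storage resources to perform anomaly detection and misuse detection on the program's running state. Using the proposed method, simulated DoS attacks and attack detection were carried out on a real edge-computing-based peer-to-peer (P2P) network smart parking system. Comparative experiments show that the proposed method can effectively detect abnormal edge server behavior and the type of DoS attack suffered.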
Aiming at the DoS (denial of service) attacks against edge servers in an edge computing system, a parallel runtime verification approach for DoS attack detection was proposed. First, PPTL (propositional projection temporal logic) formulas were utilized to formally describe expected behaviors of an edge server and DoS attack characteristics. Then, for the PPTL formulas to be verified, a parallel runtime verification framework was adopted to make use of the computing and storage resources of an edge server to conduct anomaly detection and misuse detection. The proposed attack detection approach was performed for an actual P2P (peer-to-peer) network based on smart parking system using edge computing which was supposed to suffer from a DoS attack. Experiments show that the proposed method can accurately and efficiently identify abnormal behaviors of edge servers and types of DoS attacks.
Authors
于斌
张南
陆旭
段振华
田聪
YU Bin; ZHANG Nan; LU Xu; DUAN Zhenhua; TIAN Cong (School of Computer Science and Technology, Xidian University, Xi’an 710071, China)
Source
《通信学报》
EI
CSCD
Peking University Core Journal
2021, Issue 9, pp. 75-86 (12 pages)
Journal on Communications
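Funding
National Key Research and Development Program of China (No. 2018AAA0103202)
National Natural Science Foundation of China (No. 61732013, No. 61806158)
Fundamental Research Funds for the Central Universities (No. XJS210305)
Natural Science Basic Research Program of Shaanxi Province (No. 2021JQ-208).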