RESUMO
Current mobile devices need to run applications with high computational demands and critical response times. The mobile edge computing (MEC) paradigm was developed to improve the performance of these devices. This new computation architecture allows for the mobile devices to execute applications on fog nodes at the network edge; this process is called data processing offloading. This article presents a security model for the externalization of application execution in multi-tier MEC environments. The principal novelty of this study is that the model is able to modify the required security level in each tier of the distributed architecture as a function of the degree of trust associated with that tier. The basic idea is that a higher degree of trust requires a lower level of security, and vice versa. A formal framework is introduced that represents the general environment of application execution in distributed MEC architectures. An architecture is proposed that allows for deployment of the model in production environments and is implemented for evaluation purposes. The results show that the security model can be applied in multi-tier MEC architectures and that the model produces a minimal overhead, especially for computationally intensive applications.
RESUMO
Denial of Wallet (DoW) attacks refers to a type of cyberattack that aims to exploit and exhaust the financial resources of an organization by triggering excessive costs or charges within their cloud or serverless computing environment. These attacks are particularly relevant in the context of serverless architectures due to characteristics like pay-as-you-go model, auto-scaling, limited control and cost amplification. Serverless computing, often referred to as Function-as-a-Service (FaaS), is a cloud computing model that allows developers to build and run applications without the need to manage traditional server infrastructure. Serverless architectures have gained popularity in cloud computing due to their flexibility and ability to scale automatically based on demand. These architectures are based on executing functions without the need to manage the underlying infrastructure. However, the lack of realistic and representative datasets that simulate function invocations in serverless environments has been a challenge for research and development of solutions in this field. The aim is to create a dataset for simulating function invocations in serverless architectures, that is a valuable practice for ensuring the reliability, efficiency, and security of serverless applications. Furthermore, we propose a methodology for the generation of the dataset, which involves the generation of synthetic data from traffic generated on cloud platforms and the identification of the main characteristics of function invocations. These characteristics include SubmitTime, Invocation Delay, Response Delay, Function Duration, Active Functions at Request, Active Functions at Response. By generating this dataset, we expect to facilitate the detection of Denial of Wallet (DoW) attacks using machine learning techniques and neural networks. In this way, this dataset available in Mendeley data repository could provide other researchers and developers with a dataset to test and evaluate machine learning algorithms or use other techniques based on the detection of attacks and anomalies in serverless environments.
RESUMO
Computation offloading is the solution for IoT devices of limited resources and high-cost processing requirements. However, the network related issues such as latency and bandwidth consumption need to be considered. Data transmission reduction is one of the solutions aiming to solve network related problems by reducing the amount of data transmitted. In this paper, we propose a generalized formal data transmission reduction model independent of the system and the data type. This formalization is based on two main ideas: 1) Not sending data until a significant change occurs, 2) Sending a lighter size entity permitting the cloud to deduct the data captured by the IoT device without actually receiving it. This paper includes the mathematical representation of the model, general evaluation metrics formulas as well as detailed projections on real world use cases.