To satisfy the diverse quality-of-service (QoS) requirements of complex real-time video applications, civilian and tactical use cases are employing software-defined hybrid edge-cloud systems. One of the primary QoS requirements of such applications is ultra-low end-to-end latency, which necessitates rapid frame transfer between end-devices and edge servers using software-defined networking (SDN). Failing to guarantee such strict requirements leads to quality degradation of video applications and, subsequently, mission failure. In this paper, we show how a collaborative group of attackers can exploit SDN's control communications to launch a Denial of Quality of Service (DQoS) attack that artificially increases the end-to-end latency of video frames and yet evades detection. In particular, we show how training a Deep Neural Network (DNN) model on all or partial network state information can help predict network packet drop rates with reasonable accuracy. We also show how such predictions can help design an attack model that inflicts just the right amount of added latency on the end-to-end video processing: enough to cause considerable QoS degradation, but not so much as to raise suspicion. We use a realistic edge-cloud testbed on the GENI platform for training data collection and for demonstrating high model accuracy and attack success rate.