1 Introduction

Mobile terminals such as smartphones, tablets, and computers have become an integral part of our lives. Increasing the number of smartphones is directly proportional to the increase of network traffic. The exponential growth of devices and data traffic creates issues in terms of high latency, high bandwidth, and lack of data storage capabilities. The smart technological evolutions in mobile, laptops, and tablets give rise to the highly demanding applications and services based on mobile technology. With the shortage of timing, most of the users required processed data or outcomes in a very short period. The high demanding applications provide real-time services by the processing of real-time data. The size of the real-time data is huge because, over time, new data is generated accumulatively. Thus, handling huge amount of real-time data by mobile phones is very difficult in short time period and limited capability, i.e., serving applications containing high processing tasks, as also increase battery consumption restricting users from enjoying demanding applications. Until now, mobile cellular has limited capabilities, including memory, bandwidth, and infrastructure. These constrain increase energy consumption and service latency issues. The problem present in the current systems may be assisted by including the concept of emerging technologies such as Edge networks [1], EdgeIoT [2], and mobile edge computing. In this work, the problem present in the current system is addressed thoroughly by including the concept of mobile and edge computing (MEC).

Mobile Cloud Computing (MCC) integrates cloud computing concepts with the mobile environment [3]. MCC provides many capabilities to the mobile devices in which a user can access computing and storage resources from a powerful centralized cloud through the Internet [4]. MCC brings advantages such as increased battery life by offloading extensive computation applications, using sophisticated applications, and providing higher data storage capabilities [5]. However, MCC also faced several challenges such as high latency, low coverage, lag in data transmission, and security vulnerability. These challenges made the system inconvenient and less suitable needing novel concept or architecture to be adopted, especially handling real-time cases providing fast responses enjoying high Quality of Service (QoS) [6].

In 2009, the concept of edge computing was introduced [7] with main aim to address MCC’s challenges. This concept brings computational devices near to users similar to WiFi hotspot scenarios, i.e., instead of Internet connection, the approach/setup provides computational other services. MEC offers MCC capabilities by deploying cloud resources such as storage and processing capacity on the edge server or edge of any network. The basic idea behind MEC is that all the applications and services are hosted near the cellular network to reduce transmission time and latency. This can support end-users in accessing swift and powerful computing resources, flexible and rapid deployment of new applications, energy efficiency environment, high storage capacity, high mobility, location, and context awareness applications.

In the MEC environment, several computing nodes (node servers) are deployed in a distributed manner. Any user can connect with the MEC nodes according to the proximity of the two devices. The node server takes care of the heavy computational tasks that users submit and sends back to them. This is faster than cloud services, because computing nodes are closer to the user devices. European Telecommunications Standards Institute (ETSI) is the organization that provides standard MEC network architecture and definition, supported by mobile network operators such as Docomo, Vodafone, IBM and manufacturer’s such as Nokia and Huawei [8].

MEC plays a significant role in supporting high communication, better computing capabilities, controlled information sharing, and better content delivery in 5G networks. The use of small mobile base stations and wireless access points deployed with computational capacity makes ubiquitous mobile computing [9] environment. The MEC provides several low cost and efficient solutions for the Internet of Things (IoT) [10]. These IoT solutions contain interrelated internet-connected objects capable of sharing information over wireless media without human intervention [11]. The MEC solution brings the cloud services close to the IoT device [12].

Additionally, artificial intelligence (AI) in deep learning networks is a powerful tool and technique that addresses the problems and empowers real-time resource management [13,14,15,16] for efficient IoT-MEC environment [17,18,19]. The inclusion of AI techniques in MEC improve the quality and accuracy of the system to take decisions faster than humans. Higher-latency and lower-throughput problems present in traditional machine learning systems are needed to make a new robust machine learning model. The AI-based Federated Learning (collaborative learning) [20] works in distributed manner in which machine learning algorithms are performed over the edge node without sharing the data [21], different than counting-based secret-sharing [22]. This AI-MEC approach has overcome many algorithmic and technical challenges present in the machine learning model. FL deployment in IoT-enabled technology gives more robust and fault-tolerant frameworks. This emerging machine learning approaches provide better privacy solutions and progressive application deployment templates. The key characteristics of this efficient approach are all the information to be locally processed [23], as the training data reside on the local device. The FL approach separates the learning models’ needs from the necessity to store the data. The main advantages of AI-based FL include high data security/privacy, lower service latency, data diversity, hardware efficiency, real-time data analysis, and many more. The FL-based MEC approach gives solution for deploying real-time online gaming, ultra-high definition video stream, and Virtual Reality (VR) applications [24]. Regardless of AI-based federated learning advantages in several fields, it has some limitations. In this approach, the data is distributed on multiple servers increasing the attack surface. Various devices are integrated to build a model in federated learning such that device-specific characteristics may reduce the performance, i.e., of the federated learning model. Orchestrator can be counted as another challenge in federated learning approach too [25].

Recent advancement such as Network Function Virtualization (NFV) [26,27,28], Information-Centric Cloud (ICN) [29,30,31], and Software Defined Network (SDN) in the field of computer networks also helped in the deployment of efficient MEC environments. These discussions demonstrated that the AI-based FL approach for the MEC-IoT environment is an important research area that needs more attention. In the literature, some of the survey papers are identified, which helps develop such systems comprehensively, unlike specific open-service confidentiality reviews such as twitter privacy studies [32]. In other words, a systematic review paper covering all the aspects of this AI-MEC area is not identified appropriately. In this regard, some of the important research work (survey papers) are listed out in Table 1. In this table, three symbols are used. “” symbol signifies less discussion of the topic. The “✓” and “ × ” symbols denote that the particular topic is covered and the topic is not covered, respectively. This table (Table 1) compared all the existing research work (survey papers) to help identify gaps and limitations.

Table 1 Comparison of the survey with the existing survey papers
Full size table

This survey paper tried to overcome the existing limitations present in the previous related study papers. The structure of this survey paper is shown in Fig. 1, contributing the following summarized points, as will be discussed later.

  • • This survey paper reviewed and compared the existing study papers related to AI- and FL-based MEC for IoT highlighting their limitations.

  • • MEC background is discussed including deployment and technical developments, network architecture, and specific MEC advantages. This review paper also included FL-based AI approaches applicable to MEC for IoT environments.

  • • The security and privacy challenges with countermeasures are discussed. This section is based on the discussed background and AI/FL approaches, i.e., linked to MEC. This discussion also facilitated different attacks possible in AI-based MEC environment as well as development of many online/offline applications.

  • • Based on the complete literature survey and phenomena of AI-based MEC, some open issues and urgent upcoming challenges have been discussed as needed to be addressed in the future.

Fig. 1
figure 1

The structure of this survey work

Full size image

The paper’s remaining sections are organized as follows. Section 2 discusses the existing solutions for AI- and FL-based MEC environment. The background of the MEC is deliberated in Sect. 3. Section 4 presents the different FL-based AI approaches for MEC. Security and privacy challenges of AI- and FL-based MEC, including countermeasures, are elaborated in Sect. 5. Several specific security attacks are listed out in Sect. 6. The applications of MEC appropriate to different sectors are discussed in Sect. 7. Open issues and challenges for the future are discussed in Sect. 8. The conclusion of the paper is presented in Sect. 9.

2 Existing Solutions for AI- and FL-Based MEC

The AI-based MEC environment provides an intelligent system in which mobile or IoT devices are communicated to provide efficient services. The AI-based distributed FL approach is considered as additional machine learning technology that will be helpful for development of security and privacy applications, i.e., serving learning models deployed in MEC for IoT systems. Several works are identified aiming to provide numerous solutions for security and privacy in AI- and FL-based MEC environment [47,48,49,50,51,52,53,54,55], as critically summarized in Table 2.

Table 2 Comparative analysis of existing solutions for AI and FL based MEC
Full size table

Unique potential privacy issues present in MEC wireless networks are discussed in paper [60]. They present usage pattern privacy problems and location privacy matters coping current technology involvement in public systems [86]. Therefore, author of [60] also proposed a scheduling algorithm that can effectively perform task offloading along with maintaining privacy. This procedure is proposed based on the Constrained Markov Decision Process (CMDP) framework that achieves low latency and efficient energy consumption, i.e., in devices that maintain their performance and privacy.

FedMec model in the MEC environment is proposed by Zhang et al. in paper [87], which allows maintaining the privacy of the training data and an efficient FL protocol. Physical-layer assisted privacy-preserving scheme [88] provides both efficiency and privacy. In this [88] structure, edge server is responsible for offloading the task and proactively sends out jamming signals to stop eavesdroppers from obtaining valuable information.

In [89], researchers show that combining blockchain in multi-domain networks enables secure topology in MEC, as secure collaboration is possible in multiple domains. In [90], authors illustrate the inference attack with the help of Wald’s sequential hypothesis testing. This experiment concludes existence of privacy risk in the current MEC system. Similarly, an offloading scheme is proposed to deal with this issue, which also preserves the system’s privacy and performs cost-effective offloading operations. Xu et al. [71] propose the BeCome method in IoT-based MEC, which uses Blockchain to reduce the time needed during offloading and provide efficient consumption of energy.

In [2] the author proposes an architecture called edgeIoT. This architecture effectively handles the huge amount of traffic generated by IoT devices. This would reduce the traffic load in the network and provide lower latency. The computational resource comparison of edgeIoT with the traditional IoT architecture shows better service provisioning. Relatively, the paper [91] shows proliferation of using AI/ML techniques which improve the edge computing paradigms, i.e., with greater efficiency of network bandwidth usage, reduced latency, and ultra-reliability for the future 6G networks. The dynamic environment demands high mobility and low latency. AI-driven Heterogeneous MEC architecture has been discussed in paper [92] to achieve such superior demands.

In [93] highlights, the critical role of AI ensuring network security in 5G and beyond raised the possibility of security risk associated with the AI benefits envisioned. Relatively, paper [94] provided comprehensive review of IoT, including IoT-based MEC architecture, enabling technologies, and security and privacy issues. Moreover, it also includes integrating fog/edge computing with IoT. Interestingly, work [72] focused on privacy-preserving problems in the smart grid network. The approach can lead to better data protection along with acceptable performance. It proposed the use of blockchain as system to join all the entities in the grid network. The approach also introduced a special type of Node (SNs), which validates the participating nodes. In research [73] the focused investigation was on offloading problems presenting strategy designed to create proper balance between effective use and privacy, which divides the process into two phases in a smart way. Furthermore, to manage the huge amount of finely grained complex sensing data, the authors [66] proposed using crowdsensing system. Similarly, the Internet of Vehicles (IoV) applications need to have higher bandwidth, lower latency, and higher reliability, and MEC that can meet the needs, i.e., of such applications. The authors of [74] proposed collaborative scheduling strategy to help allocate intended computing resources in case of IoT-based MEC. This approach dealt with offloading MEC problems when dealing with user tasks and better computational resource allocation in MEC.

Paper [75] studies the time consumption issue in MEC, and it also focuses on maintaining the system’s privacy. The research proposes offloading method with better security and lower time consumption. Exploration [95] presented an intelligent Game-theoretic privacy-aware task allocation solution. This solution is applicable for the Social Sensing-based Edge Computing system, which optimized QoS to ensure that the privacy requirements of end-users are met. In study [96] model, a three-layer privacy protection architecture has been worked out as Edge Computing Architecture (ECA), at the edge of the network framework, i.e., based on ontology of system behavior to be highly dynamic. Differently, work [97] presented Privacy-aware Edge Computing for providing privacy in Social Sensing-based Edge Computing system which did not show much applicability.

Survey papers [33, 98,99,100] presented comprehensive overview and MEC research outlook. MEC deployment concerns, cache-enabled problems, MEC mobility management, green MEC, and security challenges have all been listed as potential research directions in addition to smart IoT works [101]. In the paper [76], the author dealt with the issue of resource allocation when deploying the MEC-intrusion detection system. Mathematical modeling is used in the proposed allocation mechanism. Likewise, the author [102] proposed security solution that uses reinforcement learning to deal with the privacy issues within the intended MEC system. The author presented caching collaboration scheme that can also perform lightweight authentication to deal with smart attacks when performing mobile offloading, theoretically comparable to semi-authentication of multimedia strategy [103]. Work [104] presented Honeypots which deal with harmful define-to-define communication. The responsibility of Honeypots is to detect, track and isolate malicious activity in the device-to-device network. Accordingly, paper [105] discussed security issues due to third-party MEC providers. Similarly, paper [67] proposed security architecture of Vehicular Ad-hoc Networks to ensure VANET data’s authenticity utilizing combining blockchain and MEC. This VANET architecture used three layers, namely perception, edge computing, and service layer, with the perception responsibility ensuring data security during transmission through the blockchain. This work [67] compared the encryption-based security with the physical layer security trying to solve MEC-based IoT challenges via encryption physical layer security approaches. The solution includes secure wiretap coding, resource allocation, signal processing, secure key generation, authentication, and multi-node cooperation. To ensure maximum security and solve decision-making problems in fog and MEC, other paper [106] proposed use of hesitant fuzzy which added unpractical complexity.

Syamkumar et al. [68] considered the problem presented in geographic distributed MEC micro data centers. They proposed incremental deployment model which composed of Voronoi Cell-based analysis. They also discovered that tower deployment in rural areas is consistent when compared to urban areas. Likewise, Li et al. [69] proposed the middlebox approach to deal with the low latency issues during MEC deployment. Proxy ARP, GTP (GPRS Tunneling Protocol), Repackaging, Traffic Redirection via DNS, and Stateful Tracking of GTP Tunnel are some of the approaches used in the proposed model [69]. Martin et al. [107] projected a mathematical model for determining the deployment locality of the base station and MEC point. The deployment focused on making the distance between population and base station minimum. To solve transmission security issues in IoT devices, Gyamfi et al. [77] discussed using ECC-based scheme, which is considered lightweight solution. This proposed solution reduced the complexity and running time of traditional encryption algorithms, following philosophy of former ECC efficiency [108]. The paper [109] presented using identity-based anonymous authentication scheme for MEC anonymity and non-traceability. It also allows users whom already registered to access multiple MEC servers. Zhou et al. [110] investigated the security of MEC system in Unmanned Aerial Vehicle (UAV), which has multiple ground users. The paper also attempted to maximize the user’s secrecy, minimize latency, efficient energy consumption, and minimize offloading requirements.

He et al. [111] analyzed the security issues presented in the IoT applications, which supports the MEC concepts. The IoT-MEC applications are perception systems and networked drones. They suggested a novel method for taking control of an autonomous non-cooperative Drone. In the MEC environment, due to several heterogeneous edge servers, security overhead may rise. To quantify security overhead with workflow scheduling problems, a secure and energy-efficient scheduling strategy has been projected in [78]. Similarly, Truex et al. [80] proposed a Privacy-Preserving framework in the FL environment. The aimed approach used hybrid modeling which combined differential privacy and secure multiparty computation to protect the system against inference attacks and collusion threats. Ranaweera et al. [79] have presented the current status and several threat vectors of the MEC paradigm from a security point of view. They discussed the use of Trusted Platform Manager and Virtual Machine Inspection for countering the virtualization-based attack. Relatively, a bio-surveillance framework for detecting multiple health security threats with the support of MEC has been proposed in [112] as framework, presented innovative techniques for collecting and representing monitoring information. A novel security architecture for Integrated Clinical Environments has been introduced as Integrated Clinical Environments that manages security, privacy, QoS, resources allocation, low latency, and high availability solutions in considerable manner.

Nilsson et al. [113] evaluated the FL algorithms such as Federated Averaging, Cooperative, Federated Stochastic Variance Reduced Gradient on the MNIST dataset using Bayesian correlated t-tests. Ahmad et al. [114] pointed out the main security issues in 5G, which, if not properly addressed, can become threatening. Moreover, the paper also presented potential security mechanisms and solutions for the discussed threats. Lu et al. [81] propose a sub gossip updating scheme based on FL to alleviate data leaks in the VCPS system. Cheng et al. [115] proposed a novel lossless privacy-preserving algorithm. They also used Secure-Boost to train a high-quality tree boosting model. In this approach, training data remains secret over multiple parties, similar in principle to increasing participants using counting-based secret sharing via involving matrices and practical steganography [116]. Bissmeyer et al. [117] conferred optimal secure mechanism in 5G-MEC architecture to deal with decentralization, security, location awareness, and minimal rejection. Hou et al. [118] proposed Access Control Mechanism with better protection for data in MEC architecture. The deliberated Fine-Grained Access Control mechanism considered user grouping to deal with the problems in access control policies. Huang et al. [78] examined the security and effective offloading issue framework as based on Markov decision process. They suggested security and cost-effective offloading strategy based on deep Q-network process, i.e., to find the best offloading policy. The paper’s primary goal is to reduce total costs while adhering to the risk rate constraint in MEC. Belli et al. [119] proposed the use of Mobile crowd-sensing in scenarios where it’s required to have massive sensing. They also analyzed real-world datasets. Mohri et al. [120] planned novel framework for FL based on principle learning objectives in which they presented a detailed analysis and learning algorithm.

Wang et al. [121] studied the allocation problem in MEC servers via two approaches, namely flat and hierarchical deployment. The paper presented hierarchical deployment as one of the approaches that can reduce response time than flat deployment. Elgendy et al. [122] proposed an offloading model which performed resource allocation and computation offloading efficiently in a multiuser MEC system. The model also used Advanced Encryption Standard to prevent leakage of sensitive information.

In work [123], edge computing-assisted FL framework is anticipated in which both the training efficiency and accuracy are computed. In many realistic applications, AI algorithms are computationally expensive task requiring large-scale training samples. The huge amount of node deployment needed another concept that improves the efficiency of the system. Relatively, Machine Edge Learning (MEL) has been proposed in [124]. In this MEL concept, computationally expensive algorithms are carried out in the nodes or edges. Each node performs its own training iteration to train its local training model. After that, the local node sends the results to the higher-level nodes, aggregating the local features and sending updates to the lower-level nodes. A more intelligent AI-based edge system has been given in [125]. In-Edge AI framework Deep Reinforcement Learning techniques and FL concept is introduced with the mobile edge devices. This approach reduced the computing and communication load from the edge networks. To address the corresponding problems, research [126] suggested framework that combines FL and MEC. The work used open-source dataset CIFAR10 [127,128,129] for experimentation purposes compared with centralized learning.

Paper [130] presented FL as a Service (FLaaS) arrangement, which enabled 3rd-party applications to create ML models which are cooperative, decentralized, and preserve the privacy of data. An FL chain model deployed on a blockchain network composed of edge devices has been proposed in [21] to improve the security in FL. The paper projected the use of separate channel for learning global models in the blockchain network in a smart way.

A black-box- and white-box-based resource optimization approaches in federated learning have been discussed in [83]. After that, a neural-structure-aware resource management technique was proposed for better elasticity and resource utilization. In this approach, each mobile client is assigned different working subnet based on the status of their local resources. A joint optimization algorithm has been briefed based on designed optimization problem [48] in federated learning-based MEC systems. This algorithm provides a tradeoff between the accuracy and training efficiency of the model. In an edge computing environment, data collection for machine learning algorithms raised many security and privacy issues. To solve this problem, Liu et al. [84] proposed an asynchronous convergence model in federated learning. This technique considered the staleness coefficient on blockchain network for aggregation of the global model. A multi-user context aware offloading scheme has been developed in [85]. They also use deep reinforcement learning (an FL based model) for the capability distribution of MEC devices. A privacy-preserving framework has been planned in [131] to protect the system from data leaking and privacy issues. The framework considered both federated learning and edge computing environment with deep learning model, so that data can reside locally on edge devices and end users. Inference attacks are considered for privacy analysis of edge-FL-based environments. In the federated learning model, malicious nodes can upload fake/unreal learning parameters, giving high error rate. A Federated learning parameter aggregating algorithm has been briefed in [132] to resolve such problems. The mutual information will be used to calculate the similarity of the gradient trend between local training model and overall model. Asynchronous federated learning approach has been developed in [133] to manage the synchronization optimization. This model allows the edging node to select some part of the model, which will reduce the amount of calculation and communication. Resulting from this, the model efficiency has increased in heterogeneous edge environments.

3 Background of MEC

In this section, the background of the MEC for IoT is discussed. The technical development, characteristics of MEC, MEC technologies, MEC actors and their roles, MEC access technologies, the objective of MEC, network architecture, and advantages are some points on which the section is developed.

3.1 Deployment and Technical Development

The first concept for the development of Mobile Edge Technology is introduced in [7]. In this concept, Cloudlets is to be used as computing “hotspots” similar to WiFi hotspots. Another WiCloud architecture is discussed in [134] on which the MEC has been developed. These are the foundation blocks for improving technology. European Telecommunications Standards Institute (ETSI) is the first organization that standardizes the MEC network architecture by integrating cloud computing and IT-enabled services [8].

Nowadays, it is combined with other technology such as 5th generation 5G networks. MEC infrastructure elements can be deployed in multiple places in the network depending on the use. The MEC servers are located at multiple locations. For instance, in an LTE cellular network, Marco Base Station (ENodeB) is used to deploy the application server. In a 3G cellular network, Radio Network Controller (RNC) [135, 136] can be used to deploy the MEC server. The pre-existing 4G network system is divided into four parts: access network, pre-aggregation network, IP-aggregation network, and core network [137]. The access network is further divided into enterprise site. The pre-aggregation network deals with processes that have low computational requirements. The IP-aggregation network differentiates traffic based on the service which is requested. Finally, the core network deals with the high computational service and analytic. A network system for the development of MEC is shown in Fig. 2. The new 5G technologies are composed of virtualization [138, 139], the programmability of networks and services that is under development with 3rd Generation Partnership Project (3GPP) [140, 141]. 5G is a revolutionary technology that may solve many problems faced by 4G technology problems, such as higher bandwidth and lower service latency [142].

Fig. 2
figure 2

Mobile edge computing development architecture

Full size image

3.2 Characteristic of MEC

MEC technology composed several computing platforms like fog computing, cloud computing, mobile computing, IoT, wireless technologies, and many more. Due to this, it contains numerous characteristics. ETSI white paper states the following as the main characteristics of MEC.

  • On Premises: MEC platforms are not dependent on the underlying network architecture. During accessing local resources, they have separated from the other networks. This property of MEC makes it less vulnerable as the MEC network is not centralized and not dependent on any other networks.

  • Proximity: Most of the time, MEC servers are being deployed closed to the accessing points so that the computation and transmission time may reduce. This feature makes the system more capable of handling big data applications with large data size and low computation time.

  • Low Latency: MEC servers are deployed at closed proximity of the user devices, and data movement is separated from the core network. Due to this, the service latency and communication delay may reduce. This leads to higher bandwidth and better QoE.

  • Location Awareness: The MEC technologies are mainly based on the machine-to-machine concept. In such a scenario, devices use low-level signals for information sharing. MEC uses low-level signals to discover the device location identification.

  • Network Context Information: The MEC provides real-time network information for the implementation of real-time business applications. Based on RAN [143, 144] information, people can estimate future behavior and congestion of the network. This will also help to make smart decisions for better QoS delivery.

  • Dense Geographical Distribution: The MEC components are distributing among multiple geographical locations. Each movable user can access the services at the edge of the network in which the edge network is fixed, and the user is located at multiple locations [145].

3.3 MEC technologies

MEC technologies and modeling components can be briefed as follows:

3.3.1 Local Cloud

To ensure data privacy and lower latency, the local cloud is used in the local network connection with the remote cloud server. In most cases, the software is installed on the local cloud and integrated with the remote cloud. This will make the system fast and reduce the communication delay. But, the local cloud has limited capabilities [146].

3.3.2 Cloudlets

It is a small-scale database that is generally located at the edge of wireless hop. This is located near to end mobile users or devices. The Cloudlet [147, 148] is connected with the remotely located cloud server to provide the services efficiently. The primary focus of cloudlet is to reduce the distance between end mobile users and installed service locations. This will reduce the service latency and energy consumption for latency-sensitive applications.

3.3.3 Fog Computing

Fog computing [149,150,151] or Edge Computing was created by CISCO that ubiquitous connected devices at the edge network. This computing technology carried out network service and computing resources in LAN near IoT gateway or fog node. This provides lower latency when compared to cloud computing.

3.3.4 Virtualization

Virtualization is a converting technology in which physical IT resources are converted into vitalized resources. Virtual servers can create a virtual disk image that contains the backup file of the virtual server as virtual logical resources in the same physical hardware. All the MEC services and resources such as memory, storage, network infrastructure, power, operating systems are accessed through the virtualization concept. The MEC provider creates multiple virtual resources at the edge layer.

3.3.5 High Volume Servers

The MEC contains several high-volume servers deployed on the edge network. The responsibility of the server is to perform network traffic forwarding and filtering task. It is also responsible for executing the offloading task.

3.3.6 Network Technologies

The MEC is composed of several small–small computing devices and network technologies. Multiple mobile nodes, sensors, wireless stations, edge servers, computing devices are the key components of MEC.

3.3.7 Mobile Devices

Mobile devices are the main component of any MEC infrastructure. Its main feature is portability. It can perform low computationally intensive and hardware related tasks which relieves some load from the edge server. Portable devices also perform P2P computing within the edge network through D2D communication.

3.3.8 Software Development Kit

With the help of standard Application Programming Interface (API) [152] and software development kit, anyone can develop new edge applications which are easily adaptable and integrated with the current MEC applications.

3.4 MEC Actors and Their Roles

The following are the main actors of MEC, along with their roles.

  • Application Developer: Applications developers design MEC applications that are used for accessing the MEC services. They may create custom MEC software for a specific MEC customer or commercial software sold to the general public.

  • Content Provider: A content provider takes material and prepares it for distribution in the network. Its main responsibility is to collect all the local and real-time information about the network and distribute it among the participating nodes.

  • Mobile Subscriber: Mobile subscriber is the actual users who are subscribed to the MEC services. They have accessed all the MEC services through portable mobile phones.

  • OTT Players: Over-the-top (OTT) players share or receive the television or video materials as a standalone product via the Internet. Instead of using traditional methods like cables, OTT providers deliver video content over the internet.

  • MEC service provider: MEC service providers can utilize their network resources and introducing new innovative applications and services in front of MEC users that require low latency.

  • Software Vendors: An independent software vendor, also known as a software publisher, is an organization responsible for making specialized MEC software and sell it to other customers. They have not concerning about computer hardware components required in MEC.

  • Network Equipment Providers: Network equipment providers (NEPs), sometimes called telecommunications equipment manufacturers, are companies that sell products and services. The product and pieces of equipment are required for network communication.

3.5 MEC Access Technologies

The MEC network’s deployment at the mobile network’s end allows current mobile infrastructure services to be optimized. In the LTE downlink, Mobile Edge Scheduler reduces the average latency of general traffic flows [153, 154]. MEC aims to deploy multiple servers in proximity to deal with latency issues. However, deploying physical servers will be very expensive. To deal with this situation, several virtualized servers can be deployed on multiple mobile networks. Some deployment locations considered by the MEC ISG are LTE/5G base stations (eNodeB) [155, 156], 3G Radio Network Controllers (RNC), or multi-Radio Access Technology (3G/LTE/WLAN) [157, 158] cell aggregation sites. The MEC ISG has suggested that this virtualization infrastructure should not only limit itself to MEC services. Related services such as NFV [57, 159] and SDN [160, 161] shall also be hosted in the virtualization infrastructure. Moreover, Bluetooth is another access technology to communicate between devices.

3.6 Objective of MEC

The following are the objectives of MEC:

  • Minimizing Latency: With the servers being placed close to the user end devices, the communication time is reduced drastically.

  • Minimize Energy: By offloading high computational work to the nearest edge server relieves the user devices from intensive work. This also helps in reducing the energy consumption in the user device.

  • Minimize cost: The cost of hardware and software components can be reduced by deploying MEC on the virtualized servers.

  • Maximize Throughput: In the MEC architecture, everything is processed near the edge gateway. A short communication distance between the server and end-user can maximize the throughput of the MEC network.

  • Minimize Radio Utilization: Using MEC, a chunk of network tasks will be pre-processed at the node server and solve some of the network requests at the edge server. This would reduce the traffic reaching the cloud server. This can produce good results in terms of fast communication.

  • Optimize Computational Resources: By offloading the resource-intensive work to the edge server and performing low resource-oriented works in the user devices, the MEC network optimizes the computational resources.

3.7 Network Architecture

The first MEC reference architecture was developed by ETSI MEC ISG in 2016 [162]. The network architecture of MEC contains cellular network communication system infrastructure known as RAN provides communication between wireless controlled devices (mobile phones, sensors, cellular radio system). Some of the network architecture of MEC under different scenarios are found in [35] and [134]. The base concept of each MEC network architecture uses IT and cloud computing capabilities at the edge of the mobile network. This feature supports low latency, high bandwidth and enhances the performance of the system. It mostly resides between mobile users and the cloud. The network architecture of MEC is shown in Fig. 3. It contains a three-layer network architecture–User/system, Mobile edge, and Enterprise/core. It also contains several Base Stations (BS) that provides high radio coverage. The various wireless interfaces enable distributed BS to collect data from multiple edge devices, whether moving or stationary. The first user/system layer consists of edge computing devices and edge device management services. The management service will help run edge applications inside the mobile device under an operator network. This layer provides an interface to mobile edge hosts for accessing the edge computing service via mobile edge application.

Fig. 3
figure 3

MEC network architecture

Full size image

The second layer is the mobile edge layer which receives all the edge traffics generated by edge devices. It contains an edge platform and virtualization infrastructure that handles the management of edge specific computing tasks. All the computing tasks are performed with the help of geo-distributed physical or virtual servers with built-in IT and cloud computing services. The servers and computing devices are deployed near to the mobile users and use cellular network capabilities. It also performs less resource extensive analytics and store frequently accessed data in the cache. At the enterprise/core layer, the user can store their data in cloud and database servers. The user can perform high computation resource-intensive analytics and optimizing operations. When the edge nodes do not have adequate computational resources to handle their local data, they can offload their computing task to the cloud by adding more network resources and higher service latency. The addition of this layer makes the system resource-rich and increase the battery lifetime of user devices.

3.8 Advantages of MEC

There are several advantages of MEC. Their advantages are just not limited to the user end but also benefited to Mobile Network Operators (MNOs) [163, 164], Application Service Providers (ASPs) [165,166,167], Over-the-top (OTT) Players, and many more entities. Some of the advantages are stated below [168].

  • Reduced communication delay: Edge Computing aims at storing information at the close of the mobile edge server. This kind of data localization reduces computational complexity. It also reduces access delay with respect to latency. Also, the network bandwidth increases as lesser resources are needed to transfer data. Frequently requested data are stored at the node database, which reduces the communication overhead on the network.

  • Aggregation: MEC Servers are capable of aggregating similar or related traffic. These results lead to less network traffic and a positive impact on bandwidth utilization, scalability, and power consumption. Aggregation also helps in monitoring similar types of data from various devices that are aggregated together.

  • Augmentation: With the augmentation concept, more information is available at the base station. This data can be analyzed statistically and shared with the ASPs to provide better QoE. MEC-based augmentation comes with low network delay because ASPs can adapt service parameters in real-time.

  • Deploying application: MNOs can enable Radio Access Network (RAN) in a distributed computing environment to deploy applications and services. The exposer of RAN elements and information makes the deployment of applications and services more accessible and flexible. Enabling these services could help generate more revenue. Services like excess storage, speed, computational resources can be charged.

  • Infrastructure as a Service (IaaS) Platform: By enabling MEC enabled IaaS Platform [169,170,171] at the Network Edge, ASP services can be scaled along with higher bandwidth and lower latency. If ASPs could get real-time access to radio activities, it can lead to better application development.

  • Computation offloading: By offloading resource-intensive processes to the nearest edge node provides better QoS. High resource-intensive works cannot be performed on the user side due to limited hardware capabilities. This type of Offloading is performed if the power consumed for computing is more than for wireless transmission.

  • Balancing workload allocation: Geo-distributed local authorities can work together to process healthcare data synchronously. Adding a load balancer in the Edge Layer gives more control and a balanced workload of the global information at the edge nodes.

  • Security: MEC can perform the new level of surveillance and monitoring using video analysis. This analysis can be performed on the edge nodes. Also, the data can be received by the decision-makers very fast. The edge nodes are generally close to the users. The proximity of encrypted and signed traffic makes it more secure.

  • Easier management: The nodes are managed from the management hub. This makes it easier to implement security patch updates, changing functionalities, and many more. Moreover, it also makes it to find out the node that is not functioning properly.

4 FL Approaches for MEC

This section discusses the basic conceptual architecture of federated learning and the FL approaches/technologies used in MEC environment.

4.1 Overview of FL

FL allows mobile devices to learn from a prediction model cooperatively without sharing their local data, differently than secret sharing of [172]. It is also known as collaborative learning. This machine learning approach trains an algorithm with local data samples stored on the decentralized edge devices or servers. There are several open-source FL frameworks are identified [173,174,175,176]. Traditional machine learning approaches required a centralized local training dataset stored on one machine or one server. The difference between FL and other distributed learning schemes is that the local data are not exchanged between edge devices in FL. In contrast, in other learning approaches, the data are distributed in the environment. FL is considered a local dataset that resides on a single user’s end device and does not represent the overall population distribution.

The local datasets generated across federated learners may differ greatly in terms of size because they are independent of one learner device to another learner device. This can lead to an imbalanced distribution of the data across multiple nodes.

4.2 Formulation of AI and FL Models

In real-time MEC environment, there are multiple mobile edge nodes denoted as:

M = {m1;m2;m3; ……;mn}, where n is the number mobile edge nodes. Each of mobile edge nodes are participated in training a local model and sharing of that model with the help of their own database D = {d1; d2; d3;..; dn}. In the learning scenario, no edge devices can directly access the data from other devices. In every communication round, each edge devices train a local model and compute an updated wn with the local data dn. In this process, the edge device mn does not require to share their data to other devices. The total learning sample size is \(\sum_{n-1}^{N}{=n}_{k}\); where nk is the number of samples. The federated learning problem can be defined as minimizing the risk from the learning model. The mathematical formulation of federated learning is represented by using Eq. 1.

$$\underset{\mathit{w }\in {R}^{d}}{\mathit{min}}LF(w)= \sum_{n=1}^{N}\frac{{n}_{k}}{n} {LF}_{k}\left(w\right);\,where\,{LF}_{k}\left(w\right)= \frac{1}{{n}_{k}} \sum_{{x}_{i}\in {d}_{n}}{lf}_{i}\left(w\right)$$
(1)

Note that w is the model learning parameter. The function lfi(w) is computed with the help of loss function. The value of loss function should be minimum for a good result. It is dependent on input–output data pair {pi, qi}. Where pi ∈ Rd and qi ∈ R or qi ∈ {−1, 1}. The mathematical representation of loss function varies from algorithm to algorithm [45, 177]. Mathematically, the loss function is represented by Eq. 2, as detailed in [53]. The loss function of few standard learning models is represented by Eq. 3 (Linear regression), Eq. 4 (Logistic regression), and Eq. 5 (Support vector machines).

$${W}_{n}^{*}=\mathrm{arg} \mathrm{min}LF({w}_{n})$$
(2)
$$\mathrm{Linear\,regression }:{lf}_{i}\left(w\right)= \frac{1}{2} ({p}_{i}^{T} w-{q}_{i} {)}^{2}, {q}_{i}\in R$$
(3)
$$\mathrm{Logistic\,regression} :{lf}_{i}\left(w\right)= -log \left(1+\mathrm{exp}\left(-{q}_{i} {p}_{i}^{T} w\right)\right), {q}_{i}\in \{-\mathrm{1,1}\}$$
(4)
$$\mathrm{Support\,vector\,machines} :{lf}_{i}\left(w\right)= -\mathrm{max} \{\mathrm{0,1}-{q}_{i} {p}_{i}^{T} w , {q}_{i}\in \{-\mathrm{1,1}\}$$
(5)

After training of local models, all the models are uploaded to the server. The server aggregates all the received local models w1,w2,….wn to make a global model Wg. The global model is updated or downloaded in each of the edge node and then replaced the local model. Now, the new global model is used for training purpose in next round until the global learning process is completed. A diagrammatical representation of federated learning is shown in Fig. 4.

Fig. 4
figure 4

An architecture of federated learning in MEC environment

Full size image

4.3 FL Approaches/Technologies used in MEC Environment

This subsection summarizes the FL approaches/technologies used in MEC environment. The following aspects are considered to realize its underlying technology [178, 179].

Data partition in FL is helpful to build ML applications in which data are kept private throughout the training process. There are three different approaches in FL for the data partition. These are horizontal partition, vertical partition, and federated transfer learning.

Horizontal FL is also known as sample-based FL, is applicable when the dataset samples share the common user attributes or features, but the sample belongs to different users or datasets. This dataset is divided horizontally by consideration of user dimension and user characteristics. It does not consider the same users while data are split. The most famous example is Gboard which is Google’s keyboard on Android.

Another example of the medical sector in which medical researchers uses machine learning models to determine the possible occurrence of cancel cells. In such applications, each participant will get a new model by sending a gradient to the server. The server aggregates all the local gradient to make the global model that will be helpful to train the individual device. During the process, the private node information may leak. The standard solution to protect the data leaking is secure aggregation, homomorphic encryption, and differential privacy [180].

Vertical FL is often used when the two datasets share the same sample ID (user ID), but the feature of the dataset overlap little. The data is divided vertically based on the user ID and take the part of the data in which users are common, but features of the dataset are different. In this technique, the number of features for the training may increase. There are many machine learning models which use vertical federated learning. Some of the models are logical regression, classification, safe linear regression, statistical analysis, and data mining. It is an excellent exciting AI technology that can provide better personalized MEC services without compromising user’s privacy.

Federated transfer learning is a classical learning process in which both users and user features of two datasets rarely overlap and data is not segmented. In this technique, the process used a pre-trained model that is already trained on similar datasets to train a new model. The pre-trained model is an already trained model for solving of an entirely different problem. The assumption is a pre-trained model gives much accuracy compared to a trained fresh model built from scratch.

Privacy mechanism presented in 2017, as Google was the first organization that supports a federated learning approach for privacy-preserving in machine-learning models. The most important feature of Fl includes the raw data of each edge node is stored locally without exchanging or transferring to other nodes.

Model aggregation is a federated learning method that provides privacy solutions. This process trained the global model by the combination of multiple local model parameters received from multiple nodes. Shashi et al. [181] defined an incentive system that allowed numerous devices to participate in training the model.

This will achieve effective outcomes and improve communication efficiency. Yu et al. [182] showed a local adaptability model based on fine-tuning, multi-task learning, and knowledge extraction. In this model, individual participant privacy and the benefits of federated learning both can be achieved.

Homomorphic encryption is the traditional encryption techniques are the most widely used data security solution. Users without a key cannot extract plain text information from the encrypted data in these data encryption techniques. It means the security strength entirely depends on the key and without the key, the decryption is failed. The homomorphic encryption mechanism resolves the key’s computation issue by focusing on data processing security rather than the key. It enables arithmetic operations on encrypted data. This is also known as secure multi-party computation. The feature also allows users to encrypt their information in such a manner without opening the original data or without decryption users can calculate and process the encrypted data. Partially Homomorphic Encryption (PHE), Somewhat Homomorphic Encryption (SHE), and Fully Homomorphic Encryption (FHE) are the three categories of homomorphic encryption. PHE schemes support only one single arithmetic operation on ciphertexts. It is categorized into two different techniques: additive and multiplicative. Paillier cryptosystem is an example of additive PHE. RSA and ElGamal is an example of multiplicative PHE, which are proven not preferred compared to ECC [183]. Hardy et al. [184] presented a federated logical regression model that employs an additive homomorphism method to protect the system. Liu et al. [185] developed a federated learning framework for transfer learning in which the privacy mechanism additionally employs using additive homomorphic encryption to encrypt model parameters.

Differential Privacy is a possible privacy concept suggested by Dwork in 2006 to address the issue of privacy exposure in statistics datasets. According to this definition, the database’s calculation results are unaffected by changes to a single or specific record. Even the dataset has minimal influence on the calculation results. As a result, the risk of privacy disclosure by looking at or modifying a record into the dataset is minimum. The attacker is also unable to acquire precise individual information by looking at the calculated results. The training process of machine learning and deep learning includes noise in the output to apply differential privacy in gradient iteration.

Data availability is the process of ensuring that data is available to end-users and applications when they need it is known as data availability. It refers to the accessibility and continuity of information. The FL approach is divided into two categories based on the availability of the data and the number of edge nodes.

Cross-silo FL affects Edge nodes in this scenario which are often small-scale with a cluster of 2 to 100 devices. Training data are classified into horizontal learning and vertical learning. Cross-silo FL is more versatile and easier compared to cross-device FL. It is used within organizations or groups of organizations to train the ML model with their sensitive data. The encryption scheme is used to secure the information from the client as well as from the attackers.

Cross-device FL is the technique that contains a large number of edge nodes that belongs to a similar domain with similar interests from the global model. Due to the high number of users, it is tough to keep track of all nodes and preserve the transaction history of the records. Clients frequently connect across untrusted networks where node selection/participation in training rounds is totally random [186].

Aggregation run on the algorithms that help FL reach the goal global ML model by binding updates from multiple nodes. This logic must be configured the node heterogeneity, variable weights of each local model, and communication problems. FedAvg, SMC-Avg, FedMA, FedProx, Scaffold, Tensor Factorization, and FedAttOpt are some of the aggregation algorithms. The general federated learning aggregation scheme always uses at least two layers of aggregation: Local on-device aggregation and cross-device (or federated) aggregation.

Learning models are federated learning is facilitated with popular machine learning models whose main aim is to ensure the model’s privacy, accuracy and efficiency. Linear model, Decision tree model, and Neural network models are three popular ML model supported by FL.

Du et al. [187] proposed a security solution that addresses the security challenges of entity parsing. The security solution is developed in the federated environment to train a linear model. They achieve the same accuracy as the non-FL approach. Nikolaenko et al. [188] created a ridge regression system using homomorphic encryption. The linear model is simple to apply in comparison to other models. Thus, it is an excellent model for adopting federated learning.

Decision trees such as Gradient Boosting Decision Trees (GBDT) and random forests can be trained via federated learning. The GBDT method has received a lot of attention in recent years because it performs very well in the case of classification and regression. Zhao et al. [189] use the GBDT privacy protection system in regression and binary classification tasks. The system securely aggregates regression trees built by multiple data nodes to prevent the exposure of user data privacy. Cheng et al. [190] introduced SecureBoost. This framework allows users to create a federated learning system by training the gradient lifting decision tree model for horizontal and vertical division data.

Neural network models provide smart AI solutions with data privacy and security. It trains neural networks to improve the efficiency of the application, maintain privacy within the system, and complete complicated tasks. Deep neural network-based Drones application can help to build trajectory planning, target recognition, and target placement. The Unmanned Aerial Vehicle (UAV) group usually trains the model through deep learning to provide efficient services. The centralized training method cannot play the UAV’s real-time performance due to the absence of a constant connection between the UAV group and the ground base station. Zeng et al. [191] discussed a distributed federated learning algorithm applied to the UAV group for optimization of federated learning convergence speed and perform joint power allocation and scheduling. Liu et al. [192] propose a clustering FedGRU method that achieves the best global model and captures the Spatio-temporal correlation of traffic flow data. The model performs more accurately by combining the Gated Recurrent Unit neural network for traffic flow prediction with federated learning. Experiments on real data sets demonstrate that it outperforms non-federated learning approaches significantly.

Network topology is the arrangement of the edge nodes that link of communication network as a topology. Network topology is a term that may be used to describe or define the layout of many types of telecommunication networks such as command and control radio networks, industrial field buses, and computer networks.

Centralized and clustered FL is the base concept of FL built to serve decentralized data as strategy. But, still, it relies on a centralized server to manage the duty of gathering trained models from different FL edge nodes, building a global model, and sharing it with all edge nodes. This is mostly used to construct a third-party system to increase edge nodes confidence. The traditional centralized server hosts data and trains a given model on shared data. But, the centralized server in the FL environment works on a shared model via synchronous or asynchronous edge nodes updates. Gboard, an Android keyboard created using Tensorflow and federated from Google, is an example of a centralized FL method [83].

Fully decentralized FL are related to edge nodes in decentralized FL to work together as training model in a peer-to-peer way without the use of a server. Any edge node can start the training process by defining the model, loss function, and algorithm. After that, interested edge nodes can register and take part in the training. In decentralized FL, the model is split into many partitions replicated on different edge nodes. But, in centralized FL, only the server can store, modify, and broadcast the model to the participating edge nodes. Pappas et al. [193] implements a functional prototype for Interplanetary File System (IPLS) to measure its performance. For the simulation of the connectivity between the edge nodes, they use mininet. Each mininet node is an edge node that uses IPLS to participate in the training of a model.

Federated learning parameters are adopted once the learning network has been established, i.e., any edge node can choose different learning parameters to optimize the model. The number of federated learning round (K), the total number of participating edge nodes during the learning process (E), set of privileges used at each iteration for each edge node (P), and local batch size used at each learning iteration (B) are some essential learning parameters which can be changed over the time and changing of network scenario. Number of iterations for local training before pooling (L) and local learning rate (k) are model-dependent parameters.

Federated learning heterogeneity is a scenario for efficiency rating of the entire training process as affected due to the presence of heterogeneous communication devices.

In a traditional data-centric network, two popular communication techniques are available: synchronous communication and asynchronous communication. The consideration of multiple heterogeneous communication devices may easily disturb the synchronous communication method. The asynchronous communication strategy may better address the situation of multiple heterogeneous communication devices in the federated learning multi-device environment.

Fault-tolerant method can protect the system from collapsing in an unstable network environment, especially in a distributed environment. When many devices operate together, a device failure will have an impact on other devices. Federated learning is a promising solution that helps in such cases with maintaining of device security. Some of the research works [194, 195] not considered the device failure cases during the implementation. Thus, the system efficiency is not affected by the failure of any device.

Model heterogeneity is base foundation of any learning model as the sample data. The gathering of dispersed data from multi-party devices to train the federated model may affect the overall efficiency of the model. Thus, processing the heterogeneous data collected from different devices is important for maintaining global model efficiency. Multiple modeling solutions are available to handle the problem present in heterogeneous data. Some of the solutions are: If the device is single, their own model is the final model, develop a common global model that will apply to all the nodes, and train only specific models required for the tasks.

Communication efficiency is a federated learning approach assuming the complete learning process is distributed over multiple edge nodes. The entire communication load is figured as the summation of the total number of bits transferred from edge node to server or server to edge nodes by each client (C). The overall communication efficiency is computed with the help of Eq. 6. In this Eq. 6, U is the entire updates done by edge noes, |S| is the model size, ESupload/download) is the entropy of the weight updates, and ϒ is the difference between true and minimal update size. The complete update size is defined as: |S| * ESupload/download) + ϒ

$$\alpha^{{\text{upload/download}}} \in \partial \left( {U*\left| S \right|*\left( {E\left( {\Delta S^{{\text{upload/download}}} } \right) + \Upsilon } \right)} \right)$$
(6)

5 Security & Privacy Challenges with Countermeasures in AI-Based MEC

Security and privacy challenges include protection of interconnected systems and network devices from data theft, damage to hardware or software, loss of important data, misdirection of the service provided and many more. Any security mechanism aims to stop such kinds of issues/threats and maintain Confidentiality, Integrity, and Availability (CIA) [196,197,198] into the system. The discussion of security and privacy challenges with their countermeasures is summarized as discussed next.

The AI-based MEC is an emerging technology that has been rapidly growing in the last few years. Thus, it is required to study how much it is vulnerable to security threats from bad actors. AI is an intelligent programming technique to determine the pattern, predicting the values and outliers in the given datasets [199]. For this, the quality of the data should be maintained. The quality of datasets improves the accuracy of the AI model. However, in the case of AI-based MEC produce a high volume of data. The maintains and extraction of quality data is a challenging issue in the AI technique. Bad actors can feed polluted training datasets, which reduces AI accuracy, which is known as poisoning threats. The bad actors can provide some new inputs to change the output of the model. This can suffer from evasion threats. They can also customize the AI software component with public API, which is not much secure. The security of AI models and software components itself is a challenging issue. There need some solutions before deploying it to provide IoT security. Machine Learning techniques are also exposed to security vulnerabilities. In [200] inspects security concerns of outsourcing training of machine learning models and acquisition of these models from online model zoos. They identified several points of entry that can be used to introduce backdoor threats. They also identified several cases where maintaining the integrity of shared pre-trained models is very difficult.

The main issue with AI-based MEC is that it is difficult to detect flaws in the system [201]. AI systems have a dynamic, networked, and adaptive nature. From the user’s perspective, it is not easy to understand their internal process and behavior. The user also does not identify the resultant outcome as accurate or may change due to unwanted activities/threats. For instance, backdoor threats in the neural network may change the system’s behavior if some malicious trigger has been activated, and identifying these threats/triggers is challenging.

MEC with AI also faces many security and privacy challenges [202]. The edge servers are vulnerable to Denial of Service attacks in which the attacker sends many false network packets to the edge server. This can cause unnecessary heavy traffic on the edge server. This attack may reduce the network performance or create a service availability issue. When sensitive data is offloaded to edge nodes, direct or physical control over the data may be lost. This can lead the data breaches and privacy issues of the data. Data storage can be audited using appropriate auditing procedures to ensure that data is stored correctly. Before storing the data to the MEC server, it must be encrypted. Secondly, 5G network providers should undergo external audits and security certification. Sharing of internal policies creates a loophole that may hamper the security of the system. A user’s physical data’s precise location is less transparent, confusing specific jurisdictions and commitments to local privacy requirements.

As data will be stored in a shared space, each user’s data should be separated using encryption methods and a data-sharing mechanism. This also needs a proper multi-user fine-grained access control mechanism in which each user has different access privileges. Secure data encryption techniques may overcome the sharing issue because only authorize party knows the decryption key.

The MEC technology is leveraged several virtualized deployment models such as NFV, ICN and SDN. This virtualization infrastructure provides shared network resources among multiple users. The leaking of one resource information can affect the whole network infrastructure. The loss of data could completely deplete the resources used to perform computationally, storage, and network tasks and deny request services. Bad actors can misuse virtual resources. The VM sprawl threats happen when the resources administrator cannot control or manage the virtual network resources. It is also known as virtualization sprawl. In this case, bad actors can use some exploit running on the old OS, which has not been patched due to VM sprawl [203, 204]. Another security threat is design flaws. This is the error produced while configuring the system or due to insufficient security training. Hypervisor hardening [205,206,207], network abstractions [161, 208], and isolation policies are some security solutions that may overcome the security flaws and protect the virtual and physical server from different types of threats. An important security challenge arises while data are moved from the edge to the cloud servers or vice-versa. During the transmission, data may be intercepted or changed.

MEC also needs to offer proper recovery mechanisms in case of data loss. One solution is to create multiple backup files of the same data. In MEC, users’ data are kept in a shared location. This makes investigating or searching data is a time-consuming process. The authenticity and privacy-preserving of the hardware and software components should be ensured. The encryption mechanism such as homomorphic encryption [209,210,211] can maintain the user privacy computation that has been performed without decryption of the original data. Secure authentication in a local MEC ad-hoc wireless network can help with Authentication and Identification problems [212]. For authentication purposes, the connected device uses authenticated key protocols and a Stand-alone authentication mechanism. It also has to be checked that wrong information does not result in wrong actions, resulting in loss of money, information, and user privacy. A secure transmission medium must be needed for exchanging information through a wireless medium. Intrusion detection systems (IDSs) [213] and Intrusion Prevention System (IPS) [214, 215] are some mechanism that will monitor the network packets and analyze the system traffics logs. This system will restrict any unauthorized access and generates alerts for malicious packets. This system feature protects the MEC network from different types of attacks and threats. A list of security and privacy challenges with their countermeasures is summarized in Table 3.

Table 3 Security challenges with their countermeasures
Full size table

6 Security Attacks in MEC

The MEC provides a better structure for processing the data with low latency and low transmission delay. Due to the nature of distributed computing, several vulnerabilities and attacks are identified, which hamper the MEC network’s security. Some of the attacks are discussed as follows:

  • Denial of Service Attacks: In a DoS attack, the attackers’ main aim is to disrupt the MEC services and block the resources provided by any applications. Distributed Denial of Service or DDoS attacks is the extension of DoS attacks in which attackers continuously send streams of the packet to the victim using distributed electronic devices, also known as botnets. This exhausts the hardware and resources of the victim. Resultant of this, the application is not able to process legitimate requests. Edge servers of the MEC network are more vulnerable to these attacks as they are computationally less powerful. Flood attacks are a type of DoS attack where the victim’s system is flooded with malicious packets. UDP flooding [258, 259], ICMP flooding [260, 261], SYN flooding [262, 263], Ping of Death (PoD) [264] are some examples of flood attacks.

  • Zero-Day Attacks: A zero-day attack is possible when an attacker determines the vulnerabilities in the software programs. The software developers and vendors are unaware of these unintentional flaws or holes in software programs. Attackers can exploit this undocumented vulnerability to achieve access to MEC servers and resources, which can lead to more issues [265, 266]. When the vendor discovers this issue, they begin to write a patch and tests it to resolve the software programs’ weaknesses.

  • Poisoning attack: Many types of AI applications use large datasets and intelligent algorithms to determine the patterns in the datasets. The software programs also learn the feature and patterns of the datasets. Based on these learning capabilities, they provide appropriate responses and predict future behavior. Attackers can provide the AI-based MEC system with wrong information, which decreases the AI model’s accuracy. Manipulating data sets can also subtly change the design parameters to ignore suspicious activities [267, 268]. The poisoning attack includes data poisoning, model poisoning, and data modification.

  • Evasion attacks: An evasion attack [269, 270] happens when the intruder is fed some perturbed input in the network. This input looks similar to the original one, and the original receiver does not identify the perturbed input. The inputs look the same to humans but throw the model off. For example, changing a few pixels in a photo will fail the image recognition system [271], but can seem normal to a human eye [272].

  • Exploiting Communication Channels: A communication channel contains a lot of sensitive information about the communication entities. Thus, it is an attractive point for the attacker to exploit the communication network. These attacks may exploit packet streams or exploit wave signals [273, 274]. In this attack, an attacker continuously monitors network traffic to determine the communication entities sensitive information.

  • Malicious packet injections: The attacker can inject the malicious packets either on the server-side or device side. SQL Injection [275], Cross-Site Scripting (XSS) [276, 277], Cross-Site Request Forgery (CSRF) [278] and Server-Side Request Forgery (SSRF) [279] are few attacks which target the edge servers. Bad actors try to inject the malicious packets into IoT-Edge servers to disturb the IoT device functionality. Remotely injected malware can lead to remote code execution. These attacks can lead to data loss and theft, breach data integrity, and leak the password.

  • Dictionary attacks: Authentication-based password protection mechanisms can protect the system from this attack [280, 281]. A dictionary attack is a type of brute force attack where all the possible combinations of passwords are tested to find the correct password. The difference between a brute force and dictionary attack is that dictionaries are commonly used passwords and are easily available and downloadable from open-source communities. This type of attack in the MEC server can degrade the strength of the authentication mechanism.

  • Weak authentication & Authorization Protocol: Authentication is the process of uniquely identifying a person by using passwords. Weak passwords or weak authentication can lead the data loss or theft and identity theft. Bad actors target this weak authentication by using brute force or dictionary attacks. These vulnerabilities are also identified in WPA/WPA2 protocols [282, 283] in 4G and 5G networks. OAuth 1.0 [284, 285] authorization mechanism is vulnerable to fixation attacks [286, 287] in which service provider requests token is approved by some other relying party [288].

  • Sybil attack: In Sybil attacks, the attacker show multiple pseudonymous identities to gain all the MEC privileges. This attack can lead to data loss or theft, breach the system’s privacy, or hamper the reputation of the system [65].

  • Collusion attack: It is a type of attack where an edge server or node has been compromised by making a secret agreement with bad actors [289]. There are two types of collusion—internal and external. In the MEC environment, the edge serves are automated, but it is possible with the collusion attack, the server is compromised. In this case, the server handling and maintenance activities are performed by a human.

  • Man in the Middle (MitM) attack: In MitM, the attackers are come in between the communicating parties and impersonate the other party to receive data [150]. This can lead to data loss, privacy loss, replay attack, and data manipulation.

7 Applications of AI- and Fl-Based MEC

The MEC is considered a newly emerging technology. Due to its flexible and adaptable nature. It can be used in many applications where quick service response and high transmission rate are required. Some of the current notable applications of MEC can be summarized as follows:

7.1 Augmented Reality

This type of applications provides us with a reciprocal experience where the real-world environment is enhanced by computer-generated intuitive information. Augmented Reality uses information from the camera or location of the user, analyzes the data, and provides additional information about the things they are experiencing. The information is needed to be refreshed if there is movement. Once the data is generated, it is sent to the cloud server for analysis purposes, and the results are sent back to the user. However, this increases traffic a lot. MEC would answer this problem as information about the place would be stored locally on the node. This reduces the communication delay and also relieves the cloud server from additional traffic.

7.2 Internet of Things (IoT)

IoT devices generate lots of messages on telecom networks. A real-time capability and low-latency aggregation mechanisms are needed to handle the messages, protocols, message routing, and big data processing. MEC enables aggregation and distributes IoT services into base stations or Edge nodes which handles real-time responses. It also reduces the round-trip time of data.

7.3 Connected Cars

The architecture of connected cars is used to send vehicle-related data to the cloud servers so that users can get a better navigation system, reduce chances for road accidents, etc. MEC can join the connected car cloud with the MEC servers, enabling data and applications to be stored closer to cars. This would reduce the latency of data and provide real-time analysis.

7.4 Video Acceleration

Video acceleration applications can boost the QoE as well as improve resource utilization. All the web information can be accessed through Hypertext Transmission Protocol (HTTP) over the TCP protocol. In this situation, MEC can provide a better answer in terms of a fast response.

7.5 Smart City

To make the smart city, several wireless nodes, actuators, and sensors are placed in different locations in the city to measure the air, humidity, temperature, noise level, etc. All the sensors are interconnected with the help of the internet that provides a constant stream of information. This information can be analyzed to create a detailed report about the city and make technological improvements wherever necessary.

7.6 Smart Buildings

Smart buildings contain multiple MEC devices which can be placed at different levels in a building. It will also act as a Nano data center to collect information based on several factors. Emergency responses on fire can also be triggered using sensors. The MEC provides a solution to handle such emergency responses. Before allowing someone in the building, unique identification and authorization must be needed to improve the security of the building.

7.7 Connected Scenery Park

This type of application includes a network of MEC nodes to attend to local tourists’ needs. The MEC nodes or servers should be installed in appropriate areas in the park. The nodes contain pre-loaded information with a map of the area and a tourist guide. They can also provide useful information about environmental monitoring, road conditions, and other safety information.

7.8 Big Data Analytics

MEC can provide a solution for handling big data problems. Latency is one of the important issues in the big data cloud. MEC processing units considered reliable data sources and proximity approach so that the latency issues cannot occur. A MEC server could handle the data accession, processing, minimize data movement, storage, and balancing computational abilities.

7.9 Blockchain

Integrating the current blockchain technology leverages computing power in the MEC environment. This makes incorporating more miners easier, which can increase the robustness of the blockchain-based mobile network. Additionally, the mobile users have an incentive from the reward obtained in the consensus process.

7.10 Smart Grid

The smart-grid-based applications contain multi-levelled architecture, including grid sensors and devices capable of handling time-sensitive and real-time data processing. These capabilities also extend machine-to-machine connectivity in which latency-sensitive data are processed very effectively.

7.11 Computational Offloading

This application transfer high computational tasks that need many resources to an external platform like an edge node, grid, or cloud. Offloading at the edge node reduces network communication load. It also reduces the access delay with respect to response time.

7.12 Content Delivery

Content delivery applications based on a content distribution network (CDN) are composed of proxy servers, edge nodes, and base stations geographically dispersed. The network goal is to provide services and data to its end users whenever needed in a high performance and efficient manner.

7.13 Collaborative Computing

Collaborative computing includes modern technological resources to promote and improve group work. It is a type of distributed technology where individuals work together from different locations. Combining MEC and 5G could result in a real-time context-aware ad-hoc collaboration framework. This framework effectively addresses the low latency cases as well as provides low-cost working platforms.

7.14 Healthcare

Edge computing technology has made telehealth and remote patient monitoring more accessible. This is possible because it takes low computation power, and the response is rapid. Internet of Medical Things (IoMT) [290] enables such medical systems in connected devices to give a fast response and take low time for the diagnosis of patients [291], as essential urgent service in some critical situations [292].

8 Discussion, Open Issues, and Future Scope

The prime objective of MEC is to deal with the issues present in the cloud computing model. Such issues are high bandwidth, high computation power, high service latency, and many more. The paper gives a brief introduction of the technologies currently used and points out the issues with the technology. The issues present in the current technology motivate us to investigate a new solution that overcomes such issues. This motivation leads to the invention of MEC, where the computation and processing units are near the user location. This will reduce the transmission distance as well as improve service efficiency. Several literature works are investigated to overcome the cloud computing issues by introducing the concept of MEC. Some of the works tried to improve the network efficiency of MEC. This work also considers the machine learning and deep learning-based AI approaches because they make the system more effective, faster, and intelligent.

The MEC background is thoroughly investigated, which will help other researchers understand the concept of MEC. This survey is not limited to MEC but also introduced the FL and IoT solutions used in MEC. Several works are presented in the literature to solve the Security and privacy threats and attacks. But, still, some of the threats and attacks are present. This works tried to provides some countermeasures to those threats and attacks. MEC can be used in many applications, including augmented reality, healthcare, IoT, Big data analytics, and many more.

MEC received much attention from the past few years, and people are more focused on this area. New researchers try to solve the problem present in the MEC. The literature identified several open issues that are still not solved and waiting for an effective solution. Some of the important open issues are as follows:

  • Efficient Deployment and Management: MEC depends on the use of Edge nodes. All the MEC nodes need to be appropriately distributed in the network area. The properly distributed edge nodes give a guarantee of efficient MEC services for all users. Some algorithm and techniques need to be instigated that provides efficient deployment and management of MEC servers. This would make effective computational ability usage in terms of QoS and QoE. An efficient control procedure is also required to ensure proper management of MEC resources.

  • Offloading Management: Offloading the jobs from the core network is one of the primary functions of MEC. It determines where the computation will be done—locally, edge node, or jointly. Most of the offloading research is based on hypothetical assumptions like users are not moving and focus mainly on power consumption. There is a lack of available research on the dynamic or moving user equipment. There is also a need for research on the effect of channel quality on offloading.

  • Allocation of Computational Resources: In MEC, some techniques are needed for the efficient allocation of computational resources. During the process, if some resources are free, then immediately assign those resources to another process. This type of resource allocation system is missing in the literature.

  • Standard Protocol: MEC is still in the developmental stage. There is a need to standardize the technology through a collaborative effort of different companies and researchers.

  • Availability and Security: The resources should always be available to the user devices. This depends on the edge node capacity and the medium through which it is being accessed. The security of the data and applications from attackers should be considered shortly.

  • Simulation Platform: Simulation platform creates a real-world system model using the programming language. This comes with many advantages, but some defects in the platform can create lots of software issues during the developmental stage. Techniques of handling such issues are still open issues.

  • Mobility Management: Continuously connection is one of the major problems while implementing a mobility management technique. The system needed a continuous connection with the edge server in both types of horizontal and vertical mobility.

  • Pricing Model: A suitable pricing model should be established for consumers consuming edge networks from local or roaming-based stations. The pricing model should also keep the basic network parameters such as service cost, service response time, turnaround time, access bandwidth, and availability information in mind while creating the model.

  • Transparent Application Migration: User applications send data to edge servers for execution. There needs a transparent migration system that migrates delay-sensitive and real-time applications to other platforms.

  • Openness of Network: In the current architecture system, the network providers have complete control over the network. But, in MEC, the network is completely open in which different types of third-party vendors have come. They perform a different type of operation as well as access different data. This will increase the security risks in the system. A standard authentication mechanism and proper validation are needed before performing any action in the system.

9 Conclusion

Nowadays, MEC has emerged as novel technology integrated with other approaches to provide efficient practical services and decisions. Smart services and decisions take low computation power, fast response, required low bandwidth and offloading resource-intensive work. It also shifts the network architecture from centralized arrangement to decentralized effective architecture. This phenomenon improved the security of the architecture and protected the system from a single point failure. However, several challenges came to picture as obstacles to the deployment of MEC applications in different sectors. The challenges are not limited to security and privacy issues but also cover the creation of a standard deployment model, typical protocol, and offloading algorithms that are easily utilized in any IT system.

This paper tries to cover an updated review of such MEC challenges studying design standard platforms that are efficiently easily adaptable. The introduction of MEC provides standard architecture and deployment templates for the development of new applications. The FL and AI approaches involve the MEC system more flexible and smarter, such that they can be used attractively in many applications. Thus, the survey discussion also covers the new technological aspects like IoT and ML approaches used within MEC strategies. Due to the integration of innovative MEC technologies, several security and privacy challenges are coming vital into the system. Thus, the countermeasures of challenges found making all effort to overcome these tests issues. Due to the MEC dynamic and attractive nature, several attacks may hamper the network’s functionality as covered differently within the paper presentation. The paper work highlights most related intellectual open issues and challenges that are still unsolved and need to be more focused on for future sophisticated research studies to come.