A Game of Microservices: Automated Intrusion Response

  • Tetiana YaryginaEmail author
  • Christian Otterstad
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10853)


The microservice architecture is a subtype of distributed systems that has been attracting a lot of interest both in the industry and academia. Emerging research recognizes the need for a better understanding of microservice security, and, in particular, mechanisms that enable defense-in-depth and adaptive security. With the continuously growing number of possible attacks and defenses, the choice in the optimal defense strategy becomes non-trivial as well as time critical. We propose a cost-sensitive adaptable intrusion response system for microservices, which uses a game theoretic approach to automatically respond to network attacks in real time. Furthermore, we discuss both the applicable attacks and defense responses specific to microservices.


Adaptive security Self-protection Game theory Defense-in-depth SOA IPS IDS Minimax 


  1. 1.
    Pautasso, C., Zimmermann, O., Amundsen, M., Lewis, J., Josuttis, N.: Microservices in practice: reality check and service design. IEEE Softw. 34, 91–98 (2017)CrossRefGoogle Scholar
  2. 2.
    Newman, S.: Building Microservices. O’Reilly Media (2015)Google Scholar
  3. 3.
    Tanenbaum, A., van Steen, M.: Distributed Systems: Principles and Paradigms. Pearson Prentice Hall, Upper Saddle RIiver (2007)zbMATHGoogle Scholar
  4. 4.
    Zimmermann, O.: Microservices tenets agile approach to service development and deployment. Comput. Sci. Res. Dev. 32(3–4), 1–10 (2016)Google Scholar
  5. 5.
    Yuan, E., Esfahani, N., Malek, S.: A systematic survey of self-protecting software systems. ACM Trans. Auton. Adapt. Syst. 8(4), 171–1741 (2014)CrossRefGoogle Scholar
  6. 6.
    Fetzer, C.: Building critical applications using microservices. IEEE Secur. Priv. 14(6), 86–89 (2016)CrossRefGoogle Scholar
  7. 7.
    Sun, Y., Nanda, S., Jaeger, T.: Security-as-a-service for microservices-based cloud applications. In: CloudCom, pp. 50–57. IEEE (2015)Google Scholar
  8. 8.
    Otterstad, C., Yarygina, T.: Low-level exploitation mitigation by diverse microservices. In: De Paoli, F., Schulte, S., Broch Johnsen, E. (eds.) ESOCC 2017. LNCS, vol. 10465, pp. 49–56. Springer, Cham (2017). Scholar
  9. 9.
    Yarygina, T., Bagge, A.H.: Overcoming security challenges in microservice architectures. In: Service-Oriented System Engineering (SOSE 2018). IEEE, March 2018Google Scholar
  10. 10.
    Stakhanova, N., Basu, S., Wong, J.: A taxonomy of intrusion response systems. Int. J. Inf. Comput. Secur. 1(1–2), 169–184 (2007)Google Scholar
  11. 11.
    Osborne, M., Rubinstein, A.: A Course in Game Theory. MIT Press, Cambridge (1994)zbMATHGoogle Scholar
  12. 12.
    Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., Wu, Q.: A survey of game theory as applied to network security. In: HICSS, pp. 1–10. IEEE (2010)Google Scholar
  13. 13.
    Zonouz, S.A., Khurana, H., Sanders, W.H., Yardley, T.M.: RRE: a game-theoretic intrusion response and recovery engine. IEEE TPDS 25(2), 395–406 (2014)Google Scholar
  14. 14.
    Noureddine, M.A., Fawaz, A., Sanders, W.H., Başar, T.: A game-theoretic approach to respond to attacker lateral movement. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 294–313. Springer, Cham (2016). Scholar
  15. 15.
    Snort official web-site. Accessed 23 Feb 2018
  16. 16.
    Folino, G., Sabatino, P.: Ensemble based collaborative and distributed intrusion detection systems. J. Netw. Comput. Appl. 66(C), 1–16 (2016)CrossRefGoogle Scholar
  17. 17.
    Avizienis, A., Laprie, J.C., Randell, B., Landwehr, C.: Basic concepts and taxonomy of dependable and secure computing. IEEE TDSC 1(1), 11–33 (2004)Google Scholar
  18. 18.
    Jackson, T., et al.: Compiler-generated software diversity. In: Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X. (eds.) Moving Target Defense. Advances in Information Security, vol. 54, pp. 77–98. Springer, New York (2011). Scholar
  19. 19.
    Simmons, C.B., Shiva, S.G., Bedi, H.S., Shandilya, V.: ADAPT: a game inspired attack-defense and performance metric taxonomy. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 344–365. Springer, Heidelberg (2013). Scholar

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.Department of InformaticsUniversity of BergenBergenNorway

Personalised recommendations