Misuse Detection and Response for Orchestrated Microservices Based Software

  • Conference paper
Advanced Information Networking and Applications (AINA 2024)

Abstract

In the evolving landscape of cloud computing, containerized microservices have emerged as a dominant architecture, presenting unique security challenges. This paper introduces a novel security framework, harnessing the power of machine learning, to enhance the detection and response capabilities against misuse in Kubernetes-based microservices environments. Central to our approach is the Dynamic Topology Adjustment (DTA) operator, seamlessly integrated with Kube-OVN’s advanced networking features, enabling proactive and dynamic adaptation of the network topology in response to real-time security threats. We implement an AI-driven misuse detection model based on the SGDOneClassSVM algorithm, tailored to analyze network flows within these complex systems. Our framework not only addresses immediate security concerns but also sets a foundation for adaptive, intelligent security management in cloud-based microservices. Experimental results, derived from a specially curated dataset targeting container-specific vulnerabilities, demonstrate the efficacy of our approach in detecting a range of security threats with high accuracy, showcasing its potential as a robust solution for container security in cloud environments.

Acknowledgement

This research has been supported by the TÜBİTAK 3501 Career Development Program under grant number 120E537 and the TÜBA GEBİP Program. The entire responsibility of the publication belongs to the owners of the research.

Author information

Corresponding author

Correspondence to Pelin Angin.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Aly Amin, M., Harun Dogan, A., Sena Kuru, E., Sever, Y., Angin, P. (2024). Misuse Detection and Response for Orchestrated Microservices Based Software. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 204. Springer, Cham. https://doi.org/10.1007/978-3-031-57942-4_22
