Generating Realistic Attack Data for Microservices: Framework and Case Study
Pages 60 - 69
Abstract
Microservice applications have gained significant popularity due to their capability to decrease the complexity of developing highly scalable, manageable, and flexible systems. However, the microservices distributed nature, fine service granularity, and large attack surface introduce new security challenges, making it crucial to develop effective mechanisms for protecting those applications at runtime. Nevertheless, developing novel solutions relies on the availability of suitable datasets, which are currently lacking and need to be generated through new research. This research paper presents a comprehensive framework designed to support research on monitoring and analyzing microservices, aiding in the development of novel solutions for detecting attacks in the context of microservice applications. We present an implementation of the framework for generating data for high- and low-volume Denial of Service (DoS) attacks, highlighting its key components and features. Furthermore, we present a series of attack profiles and evaluate the framework’s performance in a case study, demonstrating the framework’s usefulness for generating data for DoS attacks by presenting a model that successfully detects the attacks.
References
[1]
Carlos M Aderaldo, Nabor C Mendonça, Claus Pahl, and Pooyan Jamshidi. 2017. Benchmark requirements for microservices architecture research. In 2017 IEEE/ACM 1st International Workshop on Establishing the Community-Wide Infrastructure for Architecture-Based Software Engineering (ECASE). IEEE, 8–13.
[2]
Apache Software Foundation. 2022. Apache JMeter. The Apache Software Foundation. https://jmeter.apache.org/
[3]
Ataollah Fatahi Baarzi, George Kesidis, Dan Fleck, and Angelos Stavrou. 2020. Microservices made attack-resilient using unsupervised service fissioning. In Proceedings of the 13th European workshop on Systems Security. 31–36.
[4]
Sriyash Caculo, Kanishka Lahiri, and Subramaniam Kalambur. 2020. Characterizing the scale-up performance of microservices using teastore. In 2020 IEEE International Symposium on Workload Characterization (IISWC). IEEE, 48–59.
[5]
Clinton Cao, Agathe Blaise, Sicco Verwer, and Filippo Rebecchi. 2022. Learning State Machines to Monitor and Detect Anomalies on a Kubernetes Cluster. In Proceedings of the 17th International Conference on Availability, Reliability and Security. 1–9.
[6]
Jessica Castro, Nuno Laranjeiro, and Marco Vieira. 2022. Detecting DoS Attacks in Microservice Applications: Approach and Case Study. In Proceedings of the 11th Latin-American Symposium on Dependable Computing. 73–78.
[7]
Jessica Castro, Nuno Laranjeiro, and Marco Vieira. 2023. Exploring Logic Scoring of Preference for DoS Attack Detection in Microservice Applications. In ICWS - International Conference on Web Services.
[8]
Cloud Native Computing Foundation. 2022. Kubernetes. Kubernetes. https://kubernetes.io/
[9]
Qingfeng Du, Tiandi Xie, and Yu He. 2018. Anomaly detection and diagnosis for container-based microservices with performance monitoring. In Algorithms and Architectures for Parallel Processing: 18th International Conference, ICA3PP 2018, Guangzhou, China, November 15-17, 2018, Proceedings, Part IV 18. Springer, 560–572.
[10]
Jozo Dujmovic. 2018. Soft computing evaluation logic: The LSP decision method and its applications. John Wiley & Sons.
[11]
Google. 2022. cAdvisor. Google. https://github.com/google/cadvisor
[12]
Alexey Grafov. 2016. Hulk. https://github.com/grafov/hulk. Accessed on March 17, 2023.
[13]
Johannes Grohmann, Patrick K Nicholson, Jesus Omana Iglesias, Samuel Kounev, and Diego Lugones. 2019. Monitorless: Predicting performance degradation in cloud applications with machine learning. In Proceedings of the 20th international middleware conference. 149–162.
[14]
Wilhelm Hasselbring and André van Hoorn. 2020. Kieker: A monitoring framework for software engineering research. Software Impacts 5 (2020), 100019.
[15]
Mohammad Hossin and Md Nasir Sulaiman. 2015. A review on evaluation metrics for data classification evaluations. International journal of data mining & knowledge management process 5, 2 (2015), 1.
[16]
InfluxData Inc. 2023. InfluxDB. https://github.com/influxdata/influxdb.
[17]
InfluxData Inc. 2023. Telegraf. https://github.com/influxdata/telegraf.
[18]
Ghafar A Jaafar, Shahidan M Abdullah, Saifuladli Ismail, 2019. Review of recent detection methods for HTTP DDoS attack. Journal of Computer Networks and Communications 2019 (2019).
[19]
Min Li, Dingyong Tang, Zepeng Wen, and Yunchang Cheng. 2021. Microservice anomaly detection based on tracing data using semi-supervised learning. In 2021 4th International Conference on Artificial Intelligence and Big Data (ICAIBD). IEEE, 38–44.
[20]
Modupe Odusami, Sanjay Misra, Olusola Abayomi-Alli, Adebayo Abayomi-Alli, and Luis Fernandez-Sanz. 2020. A survey and meta-analysis of application-layer distributed denial-of-service attack. International Journal of Communication Systems 33, 18 (2020), e4603.
[21]
Areeg Samir and Claus Pahl. 2020. Detecting and localizing anomalies in container clusters using Markov models. Electronics 9, 1 (2020), 64.
[22]
Solarstone. 2014. Torshammer. https://sourceforge.net/projects/torshammer/. Accessed on March 17, 2023.
[23]
Joakim Von Kistowski, Simon Eismann, Norbert Schmitt, André Bauer, Johannes Grohmann, and Samuel Kounev. 2018. Teastore: A micro-service reference application for benchmarking, modeling and resource management research. In 2018 IEEE 26th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS). IEEE, 223–236.
[24]
Lingzhi Wang, Nengwen Zhao, Junjie Chen, Pinnong Li, Wenchi Zhang, and Kaixin Sui. 2020. Root-cause metric location for microservice systems via log anomaly detection. In 2020 IEEE International Conference on Web Services (ICWS). IEEE, 142–150.
[25]
Dongjin Yu, Yike Jin, Yuqun Zhang, and Xi Zheng. 2019. A survey on security issues in services communication of Microservices-enabled fog applications. Concurrency and Computation: Practice and Experience 31, 22 (2019), e4436.
Index Terms
- Generating Realistic Attack Data for Microservices: Framework and Case Study
Recommendations
Detecting DoS Attacks in Microservice Applications: Approach and Case Study
LADC '22: Proceedings of the 11th Latin-American Symposium on Dependable ComputingA microservices-based architecture decreases the complexity of developing new systems, making them highly scalable and manageable. However, its distributed nature, the high granularity of services, and the large attack surface increase the need to ...
Microservices made attack-resilient using unsupervised service fissioning
EuroSec '20: Proceedings of the 13th European workshop on Systems SecurityApplication-layer DoS attacks are increasing as the number of cloud-deployed microservice applications is increasing. The attacker tries to exhaust computing resources and brings the nominal applications down by exploiting application-layer ...
Localized DoS Attack Detection Architecture for Reliable Data Transmission Over Wireless Sensor Network
Due to the scattered nature of WSNs, resource constraints, the radio link for multi-hop communications and their remote area deployment, WSNs are exposed to several security attacks that can affect overall network performance. Therefore, security is the ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2023
242 pages
ISBN:9798400708442
DOI:10.1145/3615366
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 17 October 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
LADC 2023
LADC 2023: 12th Latin-American Symposium on Dependable and Secure Computing
October 16 - 18, 2023
La Paz, Bolivia
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 274Total Downloads
- Downloads (Last 12 months)274
- Downloads (Last 6 weeks)32
Reflects downloads up to 04 Oct 2024
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatGet Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in