Generating Realistic Attack Data for Microservices: Framework and Case Study

Resumo

Microservice applications have gained significant popularity due to their capability to decrease the complexity of developing highly scalable, manageable, and flexible systems. However, the microservices distributed nature, fine service granularity, and large attack surface introduce new security challenges, making it crucial to develop effective mechanisms for protecting those applications at runtime. Nevertheless, developing novel solutions relies on the availability of suitable datasets, which are currently lacking and need to be generated through new research. This research paper presents a comprehensive framework designed to support research on monitoring and analyzing microservices, aiding in the development of novel solutions for detecting attacks in the context of microservice applications. We present an implementation of the framework for generating data for high- and low-volume Denial of Service (DoS) attacks, highlighting its key components and features. Furthermore, we present a series of attack profiles and evaluate the framework’s performance in a case study, demonstrating the framework’s usefulness for generating data for DoS attacks by presenting a model that successfully detects the attacks.