Generating Realistic Attack Data for Microservices: Framework and Case Study

  • Jessica Castro University of Coimbra
  • Nuno Laranjeiro University of Coimbra
  • Marco Vieira University of Coimbra

Resumo


Microservice applications have gained significant popularity due to their capability to decrease the complexity of developing highly scalable, manageable, and flexible systems. However, the microservices distributed nature, fine service granularity, and large attack surface introduce new security challenges, making it crucial to develop effective mechanisms for protecting those applications at runtime. Nevertheless, developing novel solutions relies on the availability of suitable datasets, which are currently lacking and need to be generated through new research. This research paper presents a comprehensive framework designed to support research on monitoring and analyzing microservices, aiding in the development of novel solutions for detecting attacks in the context of microservice applications. We present an implementation of the framework for generating data for high- and low-volume Denial of Service (DoS) attacks, highlighting its key components and features. Furthermore, we present a series of attack profiles and evaluate the framework’s performance in a case study, demonstrating the framework’s usefulness for generating data for DoS attacks by presenting a model that successfully detects the attacks.
Palavras-chave: container, security, DoS attack, testbed, microservices
Publicado
16/10/2023
CASTRO, Jessica; LARANJEIRO, Nuno; VIEIRA, Marco. Generating Realistic Attack Data for Microservices: Framework and Case Study. In: LATIN-AMERICAN SYMPOSIUM ON DEPENDABLE COMPUTING (LADC), 12. , 2023, La Paz/Bolívia. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2023 . p. 60–69.