A novel approach to feature collection for anomaly detection in Kubernetes environment and agent for metrics collection from Kubernetes nodes
Annotation
Kubernetes is a widely adopted open-source platform for managing containerized workloads and deploying applications in a microservices architecture. Despite its popularity, Kubernetes has faced numerous security challenges; deployments using Kubernetes are vulnerable to security risks. The current solutions for detecting anomalous behavior within a Kubernetes cluster lack real-time detection capabilities allowing hackers to exploit vulnerabilities and cause damage to production assets. This study aims to address these security concerns by proposing a new approach and novel agent to feature collection for anomaly detection in Kubernetes environment. It is proposed to use metrics (related to disk usage, CPU and network) collected by node exporter (Prometeus) directly from Kubernetes nodes. The simulation was conducted in a real-world production Kubernetes environment hosted on the Microsoft Azure, with results indicating the agent success in collecting 24 security metrics in a short amount of time. These metrics can be used to create a labeled time-series dataset of anomalies produced by microservices, enabling real-time detection of attacks based on the behavior of compromised nodes within the Kubernetes cluster. The proposed approach and developed agent for monitoring can be used to generate datasets for training anomaly detection models in the Kubernetes environment, based on artificial intelligence technologies, in real-time mode. The obtained results will be useful for researchers and specialists in the field of Kubernetes cybersecurity.
Keywords
Постоянный URL
Articles in current issue
- Analysis of frequency-robust multivariable dynamical systems
- Fractal micro- and nanodendrites of silver, copper and their compounds for photocatalytic water splitting
- Mathematical modelling of tri-layer dielectric OTFT based on pentacene semiconductor for enhancing the electrical characteristics
- Researching carbon dioxide hydrates in thin films via FTIR spectroscopyat temperatures of 11–180 K
- Method for increasing the information value of video data based on the removal of redundant frames and entropy estimation
- Attacker group detection method based on HTTP payload analysis
- Facial keypoints detection using capsule neural networks
- Review of national and international standards for categorizing of critical information infrastructure objects
- Criterion of the network infrastructure security
- Time parameters linear approximation method in elastic systems
- Role discovery in node-attributed public transportation networks: the study of Saint Petersburg city open data
- Exploring the possibility of predicting users’ career guidance preferences based on analysis of community topics and the gender in the online social network users’ profiles
- Blindness detection in diabetic retinopathy using Bayesian variant-based connected component algorithm in Keras and TensorFlow
- Joint recognition of text and layout in historical Russian documents
- Intelligent clinical decision support for small patient datasets
- Assessment of the readiness of a computer system for timely servicing of requests when combined with information recovery of memory after failures
- Buckling analysis of an orthotropic cylindrical shell structure in the ANSYS Mechanical APDL software package
- Justification of the choice of mobile broadband access technology for building radio communication networks of railway transport
- Comparative performance analysis of DVR & DSTATCOM for distributed generation with gravitational search algorithm
- Estimation of the moments of a quantized random variable
- Experimental method for estimating the dynamic error of devices and sensors under their operating conditions
- Method of type-C liquified natural gas tank modeling based on volume optimization for future “milk-run” exploitation
- Optical properties of borate family nonlinear crystals and their application in sources of intense terahertz radiation
- A model of a refractive fiber optic sensor sensing element based on MMF-SMF-MMF structure using surface plasmon resonance