Demo: Cloud-native Cyber Deception with Decepto

被引:0
|
作者
Santoro, Daniele [1 ]
Zambianco, Marco [1 ]
Facchinetti, Claudio [1 ]
Siracusa, Domenico [1 ]
机构
[1] Fdn Bruno Kessler, Ctr Cybersecur, Povo, Italy
来源
2024 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, ISCC 2024 | 2024年
关键词
Cyber deception; cloud-native applications; Kubernetes;
D O I
10.1109/ISCC61673.2024.10733585
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
The disaggregation of monolithic applications in containerized microservices inevitably weaken their security posture. In this context, leveraging the cloning feature of containerized environments, we propose Decepto, a software platform that integrates a high-interaction cyber deception mechanism within cloud-native applications using Kubernetes (K8s). In particular, our deception solution automatically generates decoys as clones of production microservices and deploys them to look like legitimate microservices. Attackers that unknowingly interact with such deceptive artifacts are reliably detected and monitored. In this work, we first present Decepto technical implementation, then we demonstrate its functionalities and related computational performance overhead emulating a practical attack scenario on a real K8s cluster.
引用
收藏
页数:3
相关论文
共 50 条
  • [1] Demo Paper: Benchmarking Scalability of Cloud-Native Applications with Theodolite
    Henning, Soeren
    Hasselbring, Wilhelm
    2022 IEEE INTERNATIONAL CONFERENCE ON CLOUD ENGINEERING (IC2E 2022), 2022, : 275 - 276
  • [2] Cloud-Native Applications
    Gannon, Dennis
    Barga, Roger
    Sundaresan, Neel
    IEEE CLOUD COMPUTING, 2017, 4 (05): : 16 - 21
  • [3] Cloud-Native Applications and Services
    Kratzke, Nane
    FUTURE INTERNET, 2022, 14 (12)
  • [4] Survey on Cloud-native Databases
    Dong H.-W.
    Zhang C.
    Li G.-L.
    Feng J.-H.
    Ruan Jian Xue Bao/Journal of Software, 2024, 35 (02): : 899 - 926
  • [5] Cloud-Native Databases: A Survey
    Dong, Haowen
    Zhang, Chao
    Li, Guoliang
    Zhang, Huanchen
    IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2024, 36 (12) : 7772 - 7791
  • [6] Leveraging a cloud-native architecture to enable semantic interconnectedness of data for cyber threat intelligence
    Ammi, Meryem
    Adedugbe, Oluwasegun
    Alharby, Fahad M.
    Benkhelifa, Elhadj
    CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2022, 25 (05): : 3629 - 3640
  • [7] AIDS-Based Cyber Threat Detection Framework for Secure Cloud-Native Microservices
    Park, Heeji
    EL Azzaoui, Abir
    Park, Jong Hyuk
    ELECTRONICS, 2025, 14 (02):
  • [8] Leveraging a cloud-native architecture to enable semantic interconnectedness of data for cyber threat intelligence
    Meryem Ammi
    Oluwasegun Adedugbe
    Fahad M. Alharby
    Elhadj Benkhelifa
    Cluster Computing, 2022, 25 : 3629 - 3640
  • [9] DSCOPE: A Cloud-Native Internet Telescope
    Pauley, Eric
    Barford, Paul
    McDaniel, Patrick
    PROCEEDINGS OF THE 32ND USENIX SECURITY SYMPOSIUM, 2023, : 5989 - 6006
  • [10] A Cloud-Native Online Judge System
    Pan, Guan-Chen
    Liu, Pangfeng
    Wu, Jan-Jan
    2022 IEEE 46TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE (COMPSAC 2022), 2022, : 1293 - 1298
12345