Журнал «Труды Института системного анализа Российской академии наук» - Ghadeer Darwesh "Enhancing Kubernetes Security with Feedback-Driven Machine Learning Models"

Kubernetes has become the cornerstone of container orchestration in modern cloud computing, offering unmatched scalability and flexibility. However, its growing adoption has introduced critical security challenges, particularly in mitigating Denial-of-Service (DoS) attacks. This study presents an innovative seven-layer framework to enhance Kubernetes security through real-time anomaly detection and feedback-driven machine learning models. The framework integrates two core components: a Feedback Application that captures user input to improve detection precision and a Model Agent for real-time data collection, anomaly detection, and adaptive model retraining. By combining real-time metrics with user feedback, the system dynamically evolves to address emerging threats, ensuring robust protection for Kubernetes environments. Experimental results demonstrate the framework's effectiveness in achieving high anomaly detection accuracy, reducing false positives, and maintaining adaptability in dynamic, cloud-native infrastructures.

Полная версия статьи в формате pdf.

PP. 83-89.

Литература

1. Darwesh G., Hammoud J. and Vorobeva A. “Security in kubernetes: Best practices and security analysis,” vol. 2, pp. 63–69, 06 2022.

2. Shah J. & Dubaria D. (2019, January). Building modern clouds: using docker, kubernetes & Google cloud platform. In 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC) (pp. 0184-0189). IEEE.

3. Takahashi K., Aida K., Tanjo T. & Sun J. (2018, January). A portable load balancer for kubernetes cluster. In Proceedings of the International Conference on High Performance Computing in Asia-Pacific Region (pp. 222-231).

4. Sultan S., Ahmad I. & Dimitriou T. (2019). Container security: Issues, challenges, and the road ahead. IEEE access, 7, 52976-52996.

5. Medel V., Rana O., Bañares J.Á. & Arronategui U. (2016, December). Modelling performance & resource management in kubernetes. In Proceedings of the 9th International Conference on Utility and Cloud Computing (pp. 257-262).

6. Prometheus. (n.d.). Getting started | Prometheus. Retrieved August 1, 2024, from https://prometheus.io/docs/prometheus/latest/getting_started/

7. Technical documentation | Grafana Labs. (n.d.). Grafana Labs. Retrieved August 1, 2024, from https://grafana.com/docs/

8. Darwesh G., Hammoud J. & Vorobeva A.A. (2023). A novel approach to feature collection for anomaly detection in Kubernetes environment and agent for metrics collection from Kubernetes nodes. Научно-технический вестник информационных технологий, механики и оптики, 23(3), 538-546.

9. Cao C., Blaise A., Verwer S. & Rebecchi F. (2022, August). Learning state machines to monitor and detect anomalies on a kubernetes cluster. In Proceedings of the 17th International Conference on Availability, Reliability and Security (pp. 1-9).

10. Tien C.W., Huang T.Y., Tien C.W., Huang T.C. & Kuo S.Y. (2019). KubAnomaly: Anomaly detection for the Docker orchestration platform with neural network approaches. Engineering reports, 1(5), e12080.

11. Chang C.C., Yang S.R., Yeh E.H., Lin P. & Jeng J.Y. (2017, December). A kubernetes-based monitoring platform for dynamic cloud resource provisioning. In GLOBECOM 2017-2017 IEEE Global Communications Conference (pp. 1-6). IEEE.

12. Welcome to Flask – Flask Documentation (3.0.X). (n.d.). Retrieved August 1, 2024, from https://flask.palletsprojects.com/en/3.0.x/

13. Prometheus. (n.d.-a). AlertManager | Prometheus. Retrieved August 1, 2024, from https://prometheus.io/docs/alerting/latest/alertmanager/