Evaluation of security threats in microservice architectures / Evaluering av säkerhetshot i mikrotjänst arkitekturer

Lindblom, William

January 2022

The microservice architecture is a popular architectural pattern in the industry to implement large systems as they can reduce the code bases of each service and increase the maintainability for each of the individual services by dividing the application into smaller components based on business logic. The services can be implemented in different programming languages and communicates over a network. As a consequence, it might lead to a greater attack surface for an adversary of the system. In order to ease the implementation of microservice architectures, a set of design patterns exists. Two patterns addressing the security of the architecture are the API Gateway pattern and the sidecar pattern. More research is needed in order to identify the security threats microservice architecture encounters and how the design pattern handles those. This master thesis uses threat modeling with attack graphs along with attack simulations in order to investigate the threats in microservice architectures and how they compare between the design patterns. To construct the attack graphs and perform the attack simulations SecuriCAD along with CoreLang was used on a microservice architecture with each of the design patterns. The report concludes that the sidecar pattern is faced with less risk than the API Gateway pattern overall and presents a set of suggestions regarding how the security can be improved in microservice architectures. / Mikrotjänstarkitekturer har blivit ett populärt arkitekturmönster inom industrin för att implementera större system eftersom det kan reducera kodbaserna och underlätta underhållningen av varje enskild tjänst genom av att dela upp applikationen i mindre komponenter baserat på varje tjänsts domänlogik. Dessa tjänster kan vara implementerade i olika programmeringsspråk och kommunicerar med varandra över ett nätverk. Som följd skulle dock detta kunna leda till en större attackyta för en angripare av systemet. För att underlätta implementationen av mikrotjänster finns en mängd designmönster, två designmönster som hanterar säkerheten av mikrotjänstarkiterurer är API Gateway mönstret och sidecar mönstret. Mer forskning skulle dock behövas för att ta reda på vilka hot som mikrotjänstarkitekturer ställs inför samt hur väl de två design mönstren bemöter dessa. Den här masteruppsatsen använder hotmodellering med attack grafer samt attack simuleringar för att undersöka vilka hot som finns i mikrotjänstarkitekturer och hur dessa skiljer sig åt mellan de två design mönstren. För att framställa attack graferna och genomföra attack simuleringarna användes programmet SecuriCAD tillsammans med CoreLang på en mikrotjänstarkitektur med vardera design mönster. Rapporten kommer fram till att sidecarmönstrer har lägre risk i jämförelse med API Gateway mönstret överlag och presenterar en mängd förslag angående hur säkerheten kan förbättras i mikrotjänstarkitekturer.

Microservice architectures

Threat modelling

Design patterns

Mikrotjänstarkitekturer

Hotmodellering

Designmönster

Computer Sciences

Datavetenskap (datalogi)

Agile Network Security for Software Defined Edge Clouds

Osman, Amr

07 March 2023

Today's Internet is seeing a massive shift from traditional client-server applications towards real-time, context-sensitive, and highly immersive applications. The fusion between Cyber-physical systems, The Internet of Things (IoT), Augmented/Virtual-Reality (AR/VR), and the Tactile Internet with the Human-in-the-Loop (TaHIL) means that Ultra-Reliable Low Latency Communication (URLLC) is a key functional requirement. Mobile Edge Computing (MEC) has emerged as a network architectural paradigm to address such ever-increasing resource demands. MEC leverages networking and computational resource pools that are closer to the end-users at the far edge of the network, eliminating the need to send and process large volumes of data over multiple distant hops at central cloud computing data centers. Multiple 'cloudlets' are formed at the edge, and the access to resources is shared and federated across them over multiple network domains that are distributed over various geographical locations. However, this federated access comes at the cost of a fuzzy and dynamically-changing network security perimeter because there are multiple sources of mobility. Not only are the end users mobile, but the applications themselves virtually migrate over multiple network domains and cloudlets to serve the end users, bypassing statically placed network security middleboxes and firewalls. This work aims to address this problem by proposing adaptive network security measures that can be dynamically changed at runtime, and are decoupled from the ever-changing network topology. In particular, we: 1) use the state of the art in programmable networking to protect MEC networks from internal adversaries that can adapt and laterally move, 2) Automatically infer application security contexts, and device vulnerabilities, then evolve the network access control policies to segment the network in such a way that minimizes the attack surface with minimal impact on its utility, 3) propose new metrics to assess the susceptibility of edge nodes to a new class of stealthy attacks that bypasses traditional statically placed Intrusion Detection Systems (IDS), and a probabilistic approach to pro-actively protect them.:Acknowledgments Acronyms & Abbreviations 1 Introduction 1.1 Prelude 1.2 Motivation and Challenges 1.3 Aim and objectives 1.4 Contributions 1.5 Thesis structure 2 Background 2.1 A primer on computer networks 2.2 Network security 2.3 Network softwarization 2.4 Cloudification of networks 2.5 Securing cloud networks 2.6 Towards Securing Edge Cloud Networks 2.7 Summary I Adaptive security in consumer edge cloud networks 3 Automatic microsegmentation of smarthome IoT networks 3.1 Introduction 3.2 Related work 3.3 Smart home microsegmentation 3.4 Software-Defined Secure Isolation 3.5 Evaluation 3.6 Summary 4 Smart home microsegmentation with user privacy in mind 4.1 Introduction 4.2 Related Work 4.3 Goals and Assumptions 4.4 Quantifying the security and privacy of SHIoT devices 4.5 Automatic microsegmentation 4.6 Manual microsegmentation 4.7 Experimental setup 4.8 Evaluation 4.9 Summary II Adaptive security in enterprise edge cloud networks 5 Adaptive real-time network deception and isolation 5.1 Introduction 5.2 Related work 5.3 Sandnet’s concept 5.4 Live Cloning and Network Deception 5.5 Evaluation 5.6 Summary 6 Localization of internal stealthy DDoS attacks on Microservices 6.1 Introduction 6.2 Related work 6.3 Assumptions & Threat model 6.4 Mitigating SILVDDoS 6.5 Evaluation 6.6 Summary III Summary of Results 7 Conclusion 7.1 Main outcomes 7.2 Future outlook Listings Bibliography List of Algorithms List of Figures List of Tables Appendix

info:eu-repo/classification/ddc/006

ddc:006