Acceso al sitio web del Consejo de Políticas de Infraestructura
REVISTA
Future Internet

   
Inicio  /  Future Internet  /  Vol: 15 Par: 7 (2023)  /  Artículo
ARTÍCULO
TITULO

KubeHound: Detecting Microservices? Security Smells in Kubernetes Deployments

Giorgio Dell?Immagine    
Jacopo Soldani and Antonio Brogi    

Resumen

As microservice-based architectures are increasingly adopted, microservices security has become a crucial aspect to consider for IT businesses. Starting from a set of ?security smells? for microservice applications that were recently proposed in the literature, we enable the automatic detection of such smells in microservice applications deployed with Kubernetes. We first introduce possible analysis techniques to automatically detect security smells in Kubernetes-deployed microservices. We then demonstrate the practical applicability of the proposed techniques by introducing KubeHound, an extensible prototype tool for automatically detecting security smells in microservice applications, and which already features a selected subset of the discussed analyses. We finally show that KubeHound can effectively detect instances of security smells in microservice applications by means of controlled experiments and by applying it to existing, third-party applications.

Palabras claves

PÁGINAS
pp. 0 - 0
MATERIAS
INFRAESTRUCTURA

 Artículos similares

       
 
Mohammed A. Mohammed, Manel Boujelben and Mohamed Abid    
Recently, the advent of blockchain (BC) has sparked a digital revolution in different fields, such as finance, healthcare, and supply chain. It is used by smart healthcare systems to provide transparency and control for personal medical records. However,... ver más
Revista: Future Internet

 
Giacomo Gori, Lorenzo Rinieri, Amir Al Sadi, Andrea Melis, Franco Callegati and Marco Prandini    
The correct and efficient measurement of security properties is key to the deployment of effective cyberspace protection strategies. In this work, we propose GRAPH4, which is a system that combines different security metrics to design an attack detection... ver más
Revista: Future Internet

 
Mohammad Javad Rajaei and Qusay H. Mahmoud    
The popularity of cryptocurrencies has skyrocketed in recent years, with blockchain technologies enabling the development of new digital assets. However, along with their advantages, such as lower transaction costs, increased security, and transactional ... ver más
Revista: Future Internet

 
Amthal K. Mousa and Mohammed Najm Abdullah    
The software defined network (SDN) collects network traffic data and proactively manages networks. SDN?s programmability makes it excellent for developing distributed applications, cybersecurity, and decentralized network control in multitenant data cent... ver más
Revista: Future Internet

 
Ashish Koirala, Rabindra Bista and Joao C. Ferreira    
The Internet of Things (IoT) shares the idea of an autonomous system responsible for transforming physical computational devices into smart ones. Contrarily, storing and operating information and maintaining its confidentiality and security is a concerni... ver más
Revista: Future Internet