Abstract: We leverage a novel telemetry source available in public clouds today: periodic summaries of every flow that enters or leaves any VM. A key aspect is that such telemetry can be collected transparently to customers and with minimal impact on their workloads. By consuming this telemetry, we show how one may realize complete and dynamic graphs of the communication inside cloud subscriptions. We describe novel analyses over these communication graphs with implications for network security and management.