Go to DBLP homepageIntent-Based Attack Mitigation through Opportunistic Synchronization of Micro-Services
Abstract: The escalating number of cyberattacks poses a significant threat to digital infrastructures. Defining and deploying accurate countermeasures is challenging because of (1) the variety of threats and their possible evolution over time and (2) the need to enforce them as fast as possible, especially for fast-propagating attacks. Intent-Based Networking (IBN) stands for a promising solution for security management, especially to mitigate attacks through the specification of reaction intents, saving time and avoiding error-prone tasks. Nevertheless, most current IBN solutions rely on centralized architectures performing time-consuming operations, which makes them inappropriate to timely deploy countermeasures, especially in the case of fast-propagating attacks spreading large-scale systems. As a solution to shorten the reaction time while supporting scalability, we first consider fast micro-services technologies (e.g., Unikernels) as the substrate of security functions acting as Policy Enforcement Points (PEP). Second, we propose to enable an opportunistic synchronization of those PEPs to react, at least partially but autonomously, against the ongoing attacks in a decentralized fashion. Such a solution raises challenges related to the consistency and performance of the overall enforced reaction policies. This paper presents the early stage of the PhD, outlining the specific challenges, limitations, and research required to leverage decentralized reaction using opportunistic synchronization of micro-services in an IBN framework for security.
Loading