Detection of Denial of service attack in cloud based Kubernetes using eBPF

Kubernetes is an orchestration tool that runs and manages container-based workloads. It works as a collection of different virtual or physical servers that support multiple storage capacities, provide network functionalities, and keep all containerized applications active in a desired state. It also...

Bibliographic Details
Main Authors: Amin Sadiq, Hassan Jamil Syed, Asad Ahmed Ansari, Ashraf Osman Ibrahim Elsayed, Manar Alohaly, Muna Elsadig
Format: Article
Language: English
Published: MDPI AG, Basel, Switzerland 2023
Online Access: https://eprints.ums.edu.my/id/eprint/42207/1/ABSTRACT.pdf
https://eprints.ums.edu.my/id/eprint/42207/2/FULL%20TEXT.pdf
https://eprints.ums.edu.my/id/eprint/42207/
https://doi.org/10.3390/app13084700
id my.ums.eprints.42207
record_format eprints
spelling my.ums.eprints.42207
2024-12-10T06:58:19Z
https://eprints.ums.edu.my/id/eprint/42207/
Detection of Denial of service attack in cloud based Kubernetes using eBPF
Amin Sadiq
Hassan Jamil Syed
Asad Ahmed Ansari
Ashraf Osman Ibrahim Elsayed
Manar Alohaly
Muna Elsadig
QA75.5-76.95 Electronic computers. Computer science
T10.5-11.9 Communication of technical information
Kubernetes is an orchestration tool that runs and manages container-based workloads. It works as a collection of different virtual or physical servers that support multiple storage capacities, provide network functionalities, and keep all containerized applications active in a desired state. It also provides an increasing fleet of different facilities, known as microservices. However, Kubernetes’ scalability has led to a complex network structure with an increased attack vector. Attackers can launch a Denial of service (DoS) attack against servers/machines in Kubernetes by producing fake traffic load, for instance. DoS or Distributed Denial of service (DDoS) attacks are malicious attempts to disrupt a targeted service by flooding the target’s service with network packets. Constant observation of the network traffic is extremely important for the early detection of such attacks. Extended Berkeley Packet Filter (eBPF) and eXpress Datapath (XDP) are advanced technologies in the Linux kernel that perform high-speed packet processing. In the case of Kubernetes, eBPF and XDP can be used to protect against DDoS attacks by enabling fast and efficient network security policies. For example, XDP can be used to filter out traffic that is not authorized to access the Kubernetes cluster, while eBPF can be used to monitor network traffic for signs of DDoS attacks, such as excessive traffic from a single source. In this research, we utilize eBPF and XDP to build a detection and observation mechanism to filter out malicious content and mitigate a Denial of Service attack on Kubernetes
MDPI AG, Basel, Switzerland 2023
Article NonPeerReviewed
text en https://eprints.ums.edu.my/id/eprint/42207/1/ABSTRACT.pdf
text en https://eprints.ums.edu.my/id/eprint/42207/2/FULL%20TEXT.pdf
Amin Sadiq and Hassan Jamil Syed and Asad Ahmed Ansari and Ashraf Osman Ibrahim Elsayed and Manar Alohaly and Muna Elsadig (2023) Detection of Denial of service attack in cloud based Kubernetes using eBPF. Applied Sciences, 13. pp. 1-15. https://doi.org/10.3390/app13084700
institution Universiti Malaysia Sabah
building UMS Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Malaysia Sabah
content_source UMS Institutional Repository
url_provider http://eprints.ums.edu.my/
language English
topic QA75.5-76.95 Electronic computers. Computer science
T10.5-11.9 Communication of technical information
format Article
author Amin Sadiq
Hassan Jamil Syed
Asad Ahmed Ansari
Ashraf Osman Ibrahim Elsayed
Manar Alohaly
Muna Elsadig
title Detection of Denial of service attack in cloud based Kubernetes using eBPF
publisher MDPI AG, Basel, Switzerland
publishDate 2023
url https://eprints.ums.edu.my/id/eprint/42207/1/ABSTRACT.pdf
https://eprints.ums.edu.my/id/eprint/42207/2/FULL%20TEXT.pdf
https://eprints.ums.edu.my/id/eprint/42207/
https://doi.org/10.3390/app13084700