Abstract
With the increased use of web technologies, microservices, and Application Programming Interfaces (APIs) for integration between systems, and with the development of containerization of services at the operating system level as a method of isolating system execution and easing the deployment and scaling of systems, there is a growing need, as well as growing opportunities, for platforms that improve the security of such services. In our work, we propose an architecture for a containerization platform that utilizes various concepts derived from the human immune system. The goal of the proposed containerization platform is to introduce the concept of slowing down or throttling suspected malicious digital pathogens (intrusions) to reduce their damage footprint while providing more opportunities for forensic inspection of suspected pathogens, in addition to the ability to snapshot, roll back, and recover from possible damage. A similar technique is widely used in network-based intrusion detection. The proposed platform also leverages existing intrusion detection algorithms by integrating and orchestrating their cooperative operation for more effective intrusion detection. We show how this model reduces the damage footprint of intrusions and gives a greater time window for forensic investigation. Moreover, during our experiments, we were surprised that our platform uncovered previously unknown design flaws in our system being tested that resulted in internal DDoS-like attacks by submodules of the system itself rather than external intrusions. This was an interesting outcome that we reported to the software maker, and they were happy to learn about it.
School
School of Sciences and Engineering
Department
Computer Science & Engineering Department
Degree Name
PhD in Applied Science
Graduation Date
Fall 6-6-2023
Submission Date
11-6-2023
First Advisor
Sherif El-Kassas
Second Advisor
Amr El-Kadi
Committee Member 1
Moustafa Youssef
Committee Member 2
Mohamed Sedky
Committee Member 3
Aly Fahmy
Extent
245 p.
Document Type
Doctoral Dissertation
Institutional Review Board (IRB) Approval
Approval has been obtained for this item
Recommended Citation
APA Citation
Khalil, I. (2023). A Multimodal Immune System Inspired Defense Architecture for Detecting and Deterring Digital Pathogens in Container Hosted Web Services [Doctoral Dissertation, the American University in Cairo]. AUC Knowledge Fountain. https://fount.aucegypt.edu/etds/2222
MLA Citation
Khalil, Islam. A Multimodal Immune System Inspired Defense Architecture for Detecting and Deterring Digital Pathogens in Container Hosted Web Services. 2023. American University in Cairo, Doctoral Dissertation. AUC Knowledge Fountain. https://fount.aucegypt.edu/etds/2222
Included in
Information Security Commons, OS and Networks Commons, Other Computer Sciences Commons, Systems Architecture Commons