With the increased use of web technologies, microservices, and Application Programming Interface (API) for integration between systems, and with the development of containerization of services on operating system level as a method of isolating system execution and for easing the deployment and scaling of systems, there is a growing need as well as opportunities for providing platforms that improve the security of such services. In our work, we propose an architecture for a containerization platform that utilizes various concepts derived from the human immune system. The goal of the proposed containerization platform is to introduce the concept of slowing down or throttling suspected malicious digital pathogens (intrusions) to reduce their damage footprint while providing more opportunities for forensic inspection of suspected pathogens in addition to the ability to snapshot, rollback, and recover from possible damage. A similar technique is widely used in network-based intrusion detection. The proposed platform also leverages existing intrusion detection algorithms by integrating and orchestrating their cooperative operation for more effective intrusion detection. We show how this model reduces the damage footprint of intrusions and gives greater time window for forensic investigation. Moreover, during our experiments, we were surprised that our platform has uncovered previously unknown design flaws in our system being tested that resulted in internal DDoS-like attacks by submodules of the system itself rather than external intrusions. This was an interesting outcome that we reported to the software maker, and they were happy to learn about it.


School of Sciences and Engineering


Computer Science & Engineering Department

Degree Name

PhD in Applied Science

Graduation Date

Fall 6-6-2023

Submission Date


First Advisor

Sherif El-Kassas

Second Advisor

Amr El-Kadi

Committee Member 1

Moustafa Youssef

Committee Member 2

Mohamed Sedky

Committee Member 3

Aly Fahmy


245 p.

Document Type

Doctoral Dissertation

Institutional Review Board (IRB) Approval

Approval has been obtained for this item