University of Limerick
Browse
- No file added yet -

Adaptive observability for forensic-ready microservice systems

Download (1.11 MB)
journal contribution
posted on 2024-03-01, 12:42 authored by Davi Monteiro, Yijun Yu, Andrea Zisman, Bashar NuseibehBashar Nuseibeh

Microservice-based applications may include multiple instances of microservices running on containerised infrastructures. These infrastructures pose challenges to digital investigations of security incidents because digital evidence can be destroyed when containers are terminated. Observability techniques are used to facilitate the investigation of incidents in microservice systems. However, existing observability approaches do not address security incidents when there is a need to perform digital forensic investigations. Furthermore, approaches to proactively support digital forensic investigations are limited to security incidents that are known a priori. In this article, we propose an adaptive observability approach based on game theory. The approach addresses the challenge of implementing forensic-ready microservice systems while considering uncertainties in security incidents. Our approach provides evidence collection capabilities for microservice systems and continually adapts to improve the forensic readiness of microservices. Specifically, the approach uses game theory to model and reason about the interactions between users and microservices, determining the optimal time and manner for observing microservices before the occurrence of security incidents. The performance of the approach has been assessed and compared with other observability approaches. Results of the evaluation indicate that adaptive observability outperforms other observability approaches, with improvements ranging from 3.1% up to 42.50%.

Funding

Lero_Phase 2

Science Foundation Ireland

Find out more...

SAUSE: Secure, Adaptive, Usable Software Engineering

Engineering and Physical Sciences Research Council

Find out more...

History

Publication

IEEE Transactions on Services Computing, 2023 6, (5), pp. 3196-3209

Publisher

Institute of Electrical and Electronics Engineers

Also affiliated with

  • LERO - The Science Foundation Ireland Research Centre for Software

Sustainable development goals

  • (4) Quality Education

Department or School

  • Computer Science & Information Systems

Usage metrics

    University of Limerick

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC