Securing Communication and Identifying Threats in Cloud Microservices

Abstract

The automotive industry has grown from making simple passenger vehicles to vehicles which are completely aware of its surroundings. Every car which is being manufactured now promises intelligent functionalities and the cars keep getting smarter every year. As vehicles become part of the IoT cyberspace, similar to smart home assistants, televisions etc., they are exposed to many dangerous threats by default. Hence, an automobile manufacturer’s idea of safety and security needs to evolve from seatbelts and airbags to include the cybersecurity factor. The vehicle should be completely secure in all aspects, which certainly includes its network infrastructure to avoid any attempts to cause mishaps or accidents. Newer technology is being adopted for providing several advantages and one such technology is Microservices Architecture. In simpler words, Microservices are a method of developing software applications which are made up of independently deployable, modular services. Each microservice runs a unique process and communicates through a well-defined, lightweight mechanism such as a container, to serve a business goal. However, one must also keep in mind that microservices are unmonitored, work on zero trust and they have complex communication. The crux of this thesis involves investigating about how to secure these microservices, if a traditional Intrusion Detection System works effectively in the Microservice environment considering the drastic change in architecture. An open source IDS Zeek, which is acting as the traditional security method is used to demonstrate the process for monolithic and microservice based attacks. The corresponding results are thoroughly analyzed and suitable conclusions are drawn.