Immunizer: A Scalable Loosely-Coupled Self-Protecting Software Framework using Adaptive Microagents and Parallelized Microservices

Abstract

IT professionals are overwhelmed by rapidly-changing technology and growing complexity. Additional challenges are introduced by cyber-security. Self-protecting software tries to alleviate this situation by combining principles and techniques from both autonomic computing and software security. However, this combination creates scalability issues, as well as cross-cutting concerns. In this work, we present Immunizer: A Scalable Loosely-Coupled Self-Protecting Software Framework. Immunizer extends our Application-level Unsupervised Outlier-based Intrusion Detection and Prevention Framework by leveraging the architectural building blocks of autonomic computing, and adopting a microagent/microservice architectural model, augmented with distributed cluster computing, for maximum scalability and separation of concerns. More specifically, we design each of the Monitor, Analyze, Plan and Execute functions of the autonomic MAPE-K control loop as a parallelized microservice, while we model its Knowledge function as a data streaming, caching and storage infrastructure. Moreover, we design the Sensor and Effector touchpoint modules as adaptive lightweight runtime application instrumentation microagents.