ISSF: An Intelligent Security Service Framework for Cloud-Native Operations

IF 1 4区计算机科学 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Journal of Web Engineering Pub Date : 2025-06-01 DOI:10.13052/jwe1540-9589.2447

Yikuan Yan;Keman Huang;Michael Siegel

{"title":"ISSF: An Intelligent Security Service Framework for Cloud-Native Operations","authors":"Yikuan Yan;Keman Huang;Michael Siegel","doi":"10.13052/jwe1540-9589.2447","DOIUrl":null,"url":null,"abstract":"The growing system complexity of microservice architectures and the bilateral enhancement of artificial intelligence (AI) for both attackers and defenders present increasing security challenges for cloud-native operations. In particular, cloud-native operators require a holistic view of the dynamic security posture for the microservice-based cloud-native environment from a defense aspect. Additionally, both attackers and defenders can adopt advanced AI technologies. This makes the dynamic interaction and benchmark among different intelligent offense and defense strategies more crucial. Hence, following the multi-agent deep reinforcement learning (RL) paradigm, this research develops an agent-based intelligent security service framework (ISSF) for cloud-native operations. It includes a dynamic attack graph model to represent the cloud-native environment and an action model to represent offense and defense actions. Then we develop an approach to enable the training, publishing, and evaluating of intelligent security services using diverse deep RL algorithms and training strategies, facilitating their systematic development and benchmarking. The experiments demonstrate that our framework can sufficiently model the security posture of a cloudnative system for defenders, effectively develop and quantitatively benchmark different intelligent security services for both attackers and defenders, and guide further optimization.","PeriodicalId":49952,"journal":{"name":"Journal of Web Engineering","volume":"24 4","pages":"655-686"},"PeriodicalIF":1.0000,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11112807","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Web Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11112807/","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

The growing system complexity of microservice architectures and the bilateral enhancement of artificial intelligence (AI) for both attackers and defenders present increasing security challenges for cloud-native operations. In particular, cloud-native operators require a holistic view of the dynamic security posture for the microservice-based cloud-native environment from a defense aspect. Additionally, both attackers and defenders can adopt advanced AI technologies. This makes the dynamic interaction and benchmark among different intelligent offense and defense strategies more crucial. Hence, following the multi-agent deep reinforcement learning (RL) paradigm, this research develops an agent-based intelligent security service framework (ISSF) for cloud-native operations. It includes a dynamic attack graph model to represent the cloud-native environment and an action model to represent offense and defense actions. Then we develop an approach to enable the training, publishing, and evaluating of intelligent security services using diverse deep RL algorithms and training strategies, facilitating their systematic development and benchmarking. The experiments demonstrate that our framework can sufficiently model the security posture of a cloudnative system for defenders, effectively develop and quantitatively benchmark different intelligent security services for both attackers and defenders, and guide further optimization.

查看原文本刊更多论文

面向云原生操作的智能安全服务框架

微服务架构日益增长的系统复杂性，以及攻击者和防御者的人工智能（AI）的双边增强，为云原生操作带来了越来越多的安全挑战。特别是，云原生运营商需要从防御方面全面了解基于微服务的云原生环境的动态安全态势。此外，攻击者和防御者都可以采用先进的人工智能技术。这使得不同智能攻防策略之间的动态交互和基准更加重要。因此，本研究遵循多智能体深度强化学习（RL）范式，为云原生操作开发了基于智能体的智能安全服务框架（ISSF）。它包括一个表示云原生环境的动态攻击图模型和一个表示进攻和防御动作的动作模型。然后，我们开发了一种方法，使用各种深度强化学习算法和训练策略来实现智能安全服务的培训、发布和评估，促进其系统开发和基准测试。实验表明，我们的框架可以为防御者充分建模云原生系统的安全态势，有效地为攻击者和防御者开发和定量基准不同的智能安全服务，并指导进一步优化。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Web Engineering 工程技术-计算机：理论方法

CiteScore

1.80

自引率

12.50%

发文量

审稿时长

9 months

期刊介绍： The World Wide Web and its associated technologies have become a major implementation and delivery platform for a large variety of applications, ranging from simple institutional information Web sites to sophisticated supply-chain management systems, financial applications, e-government, distance learning, and entertainment, among others. Such applications, in addition to their intrinsic functionality, also exhibit the more complex behavior of distributed applications.