Published January 6, 2024 | Version v1
Journal article Open

ML-Based Threat Detection for Container Network Security in Kubernetes

Description

As containerized environments, especially those running on Kubernetes, spread across enterprise infrastructures, securing these networks against changing cyber threats is a must. Kubernetes environments are fundamentally dynamic: workloads are short-lived and network policies change constantly, a setting in which traditional network security solutions fail. This paper introduces a novel Machine Learning (ML) based model for detecting and monitoring such threats in container networks built on the Kubernetes framework. The approach leverages ML to analyze various network behaviors and detect signs of intrusion, as well as privilege escalation and lateral movement inside the container infrastructure. It is validated by real-world case scenarios and model evaluations showing that the proposed solution can significantly enhance security while maintaining a high level of performance.

Files

IJIRCT 2411103 Jan 2024.pdf (583.2 kB), md5:813ccd5915299783361b4f0167344f2b