Published November 15, 2019 | Version v1
Conference paper Open

Data Log Management for Cyber-Security Programmability of Cloud Services and Applications

  • 1. CNIT

Description

In recent years, the security appliance has become an increasingly important and critical challenge, given the growing complexity and diversification of cyber-attacks. Current solutions are often too cumbersome to run in virtual services and Internet of Things (IoT) devices. It is therefore necessary to evolve toward more cooperative models, which collect security-related data from a large set of heterogeneous sources for centralized analysis and correlation.

In this paper, we outline a flexible abstraction layer for access to security context. It is conceived to program and gather data from lightweight inspection and enforcement hooks deployed in cloud applications and IoT devices. We describe its implementation by reviewing the main software components and their roles.

Finally, we test this abstraction layer through a performance evaluation of a Proof of Concept (PoC) implementation, with the aim of assessing how effectively it collects data and logs from virtual services and IoT devices to enable centralized security analysis.

Files

cysarm-2.pdf (1.1 MB)
md5:c6db0cfff0e572f38029ab2e1ebac6b6

Additional details

Funding

ASTRID – AddreSsing ThReats for virtualIseD services 786922
European Commission
GUARD – A cybersecurity framework to GUArantee Reliability and trust for Digital service chains 833456
European Commission