Microservice Security Detectors & Metrics & Detection Strategies: Dataset

This is the dataset for replicability for the article "Detection Strategies for Microservice Security Tactics." It provides the code needed to replicate the study in the article and the model data set of 10 system models and 20 variants of those models.

The abstract of the article is:

Microservice architectures are widely used today to implement distributed systems. Securing microservice architectures is challenging because of their polyglot nature, continuous evolution, and various security concerns relevant to such architectures. This article proposes a novel, model-based approach providing detection strategies to address the automated detection of security tactics (or patterns and best practices) in a given microservice architecture decomposition model. Our novel detection strategies are metrics-based rules that decide conformance to a security recommendation based on a statistical predictor. The proposed approach models this recommendation using Architectural Design Decisions (ADDs). We apply our approach for four different security-related ADDs on access management, traffic control, and avoiding plaintext sensitive data in the context of microservice systems. We then apply our approach to a model data set of 10 open-source microservice systems and 20 variants of those systems. Our results are detection strategies showing a very low bias, a very high correlation, and a low prediction error in our model data set.

The dataset is based on a dataset from a previous article: https://zenodo.org/record/6424722