OAK

An eBPF-based DevSecOps Approach for Enhancing Security of an Edge Cloud Cluster

Abstract
The information and communication technology infrastructure has been undergoing rapid changes due to the emergence of cloud, cloud-native, and edge computing paradigms. The widespread adoption of edge computing has revolutionized the processing and analysis of large volumes of data, enhancing the performance and reliability of cloud-based services. By enabling data processing and storage in proximity to the data source, edge clouds eliminate the need for data to traverse long distances to centralized data centers, resulting in lower latency and faster response times. To further optimize resource utilization and flexibility, edge clouds have largely embraced cloud-native computing, leveraging technologies like containers and orchestrators such as Kubernetes (K8S). While cloud-native computing offers benefits such as agility, scalability, and resiliency throughout the application lifecycle, it also introduces security concerns due to expanded attack surfaces. This thesis suggests an eBPF-based DevSecOps approach, which entails several key components for enhancing the security of an edge cloud cluster. Using eBPF, this work presents solutions for monitoring network traffic and rate-limiting data bursts in a K8S cluster. An eBPF-based solution for malicious traffic detection is also suggested. By integrating these solutions into the DevSecOps workflow, security measures can be incorporated throughout the development, deployment, and operations processes. To verify the suggested solutions, this work uses an enhanced GIST site of the OF@TEIN Playground, which is an edge cloud cluster.
Author(s)
Ulugbek Khamdamov
Issued Date
2023
Type
Thesis
URI
https://scholar.gist.ac.kr/handle/local/18872
Department
Graduate School, AI Graduate School
Advisor
Kim, Jong Won
Degree
Master
Appears in Collections:
Department of AI Convergence > 3. Theses(Master)
Access and License
  • Access type: Open
File List
  • No related files exist.

Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.