Intelligent Security Framework for Distributed Cloud-Native Edge Boxes
- Abstract
- Modern Information Communication Technologies (ICT) infrastructures are becoming more complex day by day, with various challenges in accommodating current networking paradigms such as cloud-native edge computing, software-defined networking (SDN), and the Internet of Things (IoT). Undoubtedly, security is an essential element for the effective operation of modern ICT infrastructures. In response to the weaknesses of current network security solutions, the zero-trust model follows the idea that no network is trustworthy. Therefore, to protect the distributed edge nodes of a multi-site cloud from different attacks and threats, cloud operators should monitor and verify network traffic continuously. However, to improve efficiency, it is currently expected that a majority of intelligent security services should be deployed at the edge nodes. Considering the current network security challenges, we propose SmartX Intelligent Sec, which is based on lightweight extended Berkeley Packet Filter/eXpress Data Path (eBPF/XDP) and machine learning techniques, to protect the distributed edge nodes of a multi-site cloud. This security framework provides collective automation features for continuously capturing network traffic, detecting network threats, and filtering malicious network traffic at the distributed edge nodes of a multi-site cloud. In SmartX Intelligent Sec, capturing and filtering (malicious) network traffic are implemented with eBPF/XDP, and machine learning techniques are used for detecting network threats. Moreover, in addition to SmartX Intelligent Sec, we also propose a testbed for malicious traffic generation based on containers, Kubernetes, and eBPF/XDP. This testbed can be used to generate malicious data for machine-learning-based experiments. With the help of this testbed, we publicly release malicious traffic that completely satisfies the ground truth property.
- Author(s)
- Talaya Farasat
- Issued Date
- 2023
- Type
- Thesis
- URI
- https://scholar.gist.ac.kr/handle/local/19413
- Access and License
-
- File List
-
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.