Research On Key Technologies Of Enhancing Resilience For Cloud Native Applications

Posted on: 2024-02-02
Degree: Doctor
Type: Dissertation
Country: China
Candidate: D C Zhou
Full Text: PDF
GTID: 1528307100973459
Subject: Information and Communication Engineering
Abstract/Summary:
With the deep integration of cloud computing and business scenarios, cloud-native, as a technical system and methodology for migrating applications to cloud computing environments, has accelerated the "application cloudification" process, promoting a new schema in which applications are delivered as cloud-native applications. Cloud-native applications are based on the microservice architecture, which decouples complex applications into multiple single-function microservices that support independent development and container-based independent deployment, increasing the speed of application delivery and iteration. However, as cloud-native applications grow in scale, applications that are based on microservice architecture, deployed in containers, and delivered through DevOps have gradually exhibited highly open, complex, and dynamic characteristics, and their resilience is compromised by an increased attack surface and by resource management failures. First, the highly open DevOps software supply chain introduces more vulnerabilities and backdoors to cloud-native applications. Second, the highly complex and dynamic microservice architecture and containerized operating environment reduce the effectiveness of existing security threat management technologies and resource provisioning technologies. Therefore, it is essential to research how to defend against security threats and ensure service availability in a highly open, complex, and dynamic cloud-native environment, thus enhancing the resilience of cloud-native applications.

In this thesis, we focus on the problems introduced to cloud-native applications at three levels: DevOps software provisioning, microservice architecture, and containerized runtime environment, and we research critical technologies for enhancing the resilience of cloud-native applications so as to defend against security threats and guarantee service availability. At the level of DevOps software provisioning, to address the problem that vulnerabilities and backdoors in microservices are challenging to govern under the highly open software supply chain, we study endogenous security microservice construction methods to enhance the tolerance of microservices to vulnerabilities and backdoors. At the level of microservice architecture, to address the difficulty of controlling the attack surface of cloud-native applications caused by complex invocation among microservices, we study a multi-dimensional dynamic defense strategy for microservices to improve the attack surface governance of cloud-native applications. At the level of the containerized operating environment, on the one hand, because the lightweight nature of container virtualization makes it difficult to defend against multi-application co-location attacks, we study a multi-application microservice placement algorithm to reduce the damage scope of such attacks; on the other hand, because container cold start makes it difficult for cloud-native applications to adapt to burst workloads, we study an active resource provisioning method for microservices to guarantee the service availability of cloud-native applications under burst workloads.

The main contributions of this thesis are as follows:

1. An endogenous security microservice construction method (SecIngress) based on dynamic heterogeneous redundant architecture is proposed. The method uses dynamic, heterogeneous, and redundant microservices to present attack surfaces with spatial and temporal uncertainty to attackers, thus enhancing the tolerance of microservices to vulnerabilities and backdoors. First, the SecIngress framework, which is seamlessly integrated into the cloud-native environment based on the microservice API gateway, is built to discover and handle cyber attacks that exploit vulnerabilities and backdoors. It does so by comparing the similarities or differences in the responses of heterogeneous redundant microservice executors and selecting among their outputs, based on the characteristic that heterogeneous microservice executors present different responses to the same cyber attack. On this basis, an adaptive voting strategy based on inventory model optimization is proposed to improve the adaptability of SecIngress to microservices based on persistent connections and intermittent transmission of response data. Finally, a prototype system of SecIngress is implemented and experimentally evaluated. The results show that the adaptive voting strategy is more efficient and has less resource overhead compared to existing voting strategies, and the numbers of exploitable vulnerabilities and cyber threats of endogenous security microservices constructed based on SecIngress are reduced by 55.10% and 41.70%, respectively, compared to ordinary microservices.

2. A multi-dimensional dynamic defense strategy for microservices (D2RA) based on deep reinforcement learning is proposed. Based on the fact that the attack process needs to be carried out in multiple steps, this strategy improves the attack surface governance of cloud-native applications through dynamic transformation and dynamic recleaning of microservices, achieving a dynamic attack surface and damage recoverability for cloud-native applications. To achieve the optimal dynamic defense strategy, we first establish a microservice system model that depicts the mapping relationship between the dynamic defense strategy and the security, resource overhead, and service availability of cloud-native applications. Then, a microservice dynamic defense strategy optimization algorithm based on deep reinforcement learning is proposed to provide a multi-dimensional dynamic defense strategy that defends cloud-native applications against security threats while maintaining their service availability. Finally, the effectiveness of the strategy is verified based on simulation experiments, and the results show that the strategy improves by 19.07% and 42.31% in terms of defense effectiveness and quality of service, respectively, compared to existing dynamic defense strategies.

3. A microservice placement algorithm for multiple cloud-native applications (MsCPA), targeting container co-residence attacks, is proposed. Based on the more extensive threat range of critical microservices under co-resident attacks, the algorithm reduces the compromise range of multi-application microservices in computing clusters by optimizing their placement strategy. First, an assessment of co-resident risk for multiple cloud-native applications in a cluster of computing nodes is proposed, based on the threat model that attack payloads can propagate between multiple cloud-native applications through co-resident attacks and microservice invocation relationships. Then, by distributing the critical microservices of multiple applications across different computing nodes, we avoid the expansion of the threat scope of critical microservices due to co-resident attacks and thus enhance the defense capability against co-resident attacks in multi-application scenarios. Finally, the proposed algorithm is evaluated based on simulation experiments, and the results show that the algorithm reduces the risk of multi-application co-resident attacks by 18.74% and improves the performance of compute node cluster load balancing by 15.43% compared to other container placement algorithms.

4. A microservice active resource provisioning method (Cushion) for container cold start is proposed. The approach is based on faster workload scheduling and achieves fast adaptability to burst workloads by combining workload scheduling based on reserved warm backup containers with container autoscaling. First, a workload prediction model based on the LSTM network is established to predict the workload of microservices. Then, an automated microservice performance model construction framework is built to generate response latency and cold start latency models for microservices, which predict the container replicas of microservices required by workloads and the time required for these container replicas to start, respectively. Based on this, we propose a proactive resource provisioning approach based on reserved warm backup containers for workload scheduling and container autoscaling to improve the service availability of microservices under dynamic and bursty workloads. Finally, Cushion is experimentally evaluated, and the results show that Cushion reduces the Service Level Objective (SLO) violation of benchmark microservices by 9.12 times and increases the throughput by 23.75% compared with existing container resource provisioning methods.
Keywords/Search Tags:Cloud-Native Application, Cyber Resilience, Endogenous Security, Moving Target Defense, Co-Resident Attack, Resource Provision
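
Contribution 1 describes a gateway that compares the responses of heterogeneous redundant executors and selects an output. The sketch below is an added illustration of plain majority voting with fail-closed handling; it is not the thesis's SecIngress code or its adaptive voting strategy, and the executor names, the volatile-header list and the sample responses are assumptions constructed for the example.

```python
import hashlib
from collections import Counter
from dataclasses import dataclass

# Headers expected to differ between heterogeneous executors (assumed list).
VOLATILE_HEADERS = {"date", "server", "x-request-id", "set-cookie"}

@dataclass(frozen=True)
class Response:
    executor: str   # hypothetical executor name
    status: int
    headers: dict
    body: bytes

def fingerprint(resp: Response) -> str:
    """Digest of the response parts that should agree across executors."""
    stable = sorted(
        (k.lower(), v.strip()) for k, v in resp.headers.items()
        if k.lower() not in VOLATILE_HEADERS
    )
    material = f"{resp.status}\n{stable!r}\n".encode() + resp.body.strip()
    return hashlib.sha256(material).hexdigest()

def vote(responses):
    """Return (selected response or None, sorted names of dissenting executors)."""
    if not responses:
        return None, []
    prints = [fingerprint(r) for r in responses]
    winner, count = Counter(prints).most_common(1)[0]
    if count * 2 <= len(responses):
        # No strict majority: fail closed and treat every executor as suspect.
        return None, sorted(r.executor for r in responses)
    selected = responses[prints.index(winner)]
    dissenters = sorted(r.executor for r, p in zip(responses, prints) if p != winner)
    return selected, dissenters

# Constructed sample: one request answered by three heterogeneous executors,
# one of which returns a divergent response.
SAMPLE = [
    Response("exec-a", 404, {"Content-Type": "text/plain", "Server": "a"}, b"not found\n"),
    Response("exec-b", 404, {"content-type": "text/plain", "Server": "b"}, b"not found"),
    Response("exec-c", 200, {"Content-Type": "text/plain", "Server": "c"}, b"unexpected data"),
]

if __name__ == "__main__":
    chosen, suspects = vote(SAMPLE)
    print(chosen.status if chosen else "blocked", suspects)
```

The dissenting executor list is what a gateway of this kind would hand to cleaning or replacement logic; a divergent response is a signal to investigate, not proof of compromise.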