Skip to content

ReplicaWatcher: Training-less Anomaly Detection in Containerized Microservices - NDSS'24

Notifications You must be signed in to change notification settings

baobaoupup/ReplicaWatcher

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 

Repository files navigation

ReplicaWatcher

Welcome to the GitHub repository for "ReplicaWatcher: Training-less Anomaly Detection in Containerized Microservices", as presented at the Network and Distributed System Security Symposium (NDSS) 2024. Our work introduces a novel, training-less approach to anomaly detection in containerized microservices. For more details, please check out our paper here.

About ReplicaWatcher

ReplicaWatcher leverages redundancy and narrow functionalities in microservices to detect anomalies by analyzing discrepancies between replicas.

Repository Structure

This repository is organized into three main folders:

  • chisel: Contains the code for our customized chisel, designed to extract kernel events generated by replicas.

  • replicawatcher: Contains the core logic of ReplicaWatcher. It includes the algorithms and mechanisms for processing the kernel events captured by the chisel, as well as for identifying anomalies.

  • normalityshift: Contains a demonstration of how an upgrade at the base OS level can lead to changes in the executed system calls.

Citation

If you use ReplicaWatcher in your research, please consider citing our paper:

@inproceedings{elkhairi_replicawatcher_24,
 author = {Asbat El Khairi and Marco Caselli and Andreas Peter and Andrea Continella},
 booktitle = {Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)},
 month = {February},
 title = {ReplicaWatcher: Training-less Anomaly Detection in Containerized Microservices},
 year = {2024}
}

About

ReplicaWatcher: Training-less Anomaly Detection in Containerized Microservices - NDSS'24

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Lua 51.8%
  • Python 45.2%
  • Dockerfile 1.5%
  • PHP 1.5%