A Unified Multi-Layer Framework for Detecting and Mitigating Web Application Attacks in Cloud-Native Environments
Article Sidebar
Main Article Content
Abstract
Cloud-native architectures have introduced unprecedented scalability and flexibility for modern web applications, yet they have simultaneously expanded the attack surface and exposed systems to increasingly sophisticated intrusion patterns. Existing security approaches—such as provenance-based anomaly detection and machine-learning-driven web intrusion detection—have shown promising performance individually but suffer from scalability, contextual gaps, and limited visibility when deployed in isolation. This study proposes a unified, multi-layer security framework that integrates runtime provenance analysis with optimized SVM-based web intrusion detection to deliver comprehensive protection for containerized and orchestrated cloud-native systems. The framework correlates application-level HTTP feature extraction, container-level provenance graph analysis, and orchestration-level event aggregation, enabling early recognition of both rapid, high-volume attacks and stealthy low-and-slow Advanced Persistent Threats. Experimental evaluation using web intrusion datasets and provenance-based APT traces demonstrates that the combined model significantly enhances detection accuracy, reduces false alarms, and improves the timeliness of automated mitigation actions such as container isolation. By bridging cross-layer visibility and leveraging machine-learning optimization, the unified framework offers a scalable and robust security architecture tailored to the demands of modern cloud-native deployments.
Article Details
Issue
Section
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
How to Cite
References
M. Srokosz, D. Rusinek, and B. Ksiezopolski, “A new WAF-based architecture for protecting web applications against CSRF attacks in malicious environment,” in Proceedings of the 2018 Federated Conference on Computer Science and Information Systems, FedCSIS 2018, 2018. doi: 10.15439/2018F208. DOI: https://doi.org/10.15439/2018F208
A. Bararia and Ms. V. Choudhary, “Systematic Review of Common Web-Application Vulnerabilities,” INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT, vol. 07, no. 01, 2023, doi: 10.55041/ijsrem17487. DOI: https://doi.org/10.55041/IJSREM17487
R. E. A. Armya, L. M. Abdulrahman, N. M. Abdulkareem, and A. A. Salih, “Web-based Efficiency of Distributed Systems and IoT on Functionality of Smart City Applications,” Journal of Smart Internet of Things, vol. 2023, no. 2, pp. 142–161, Dec. 2023, doi: 10.2478/jsiot-2023-0017. DOI: https://doi.org/10.2478/jsiot-2023-0017
A. K. Priyanka and S. Sai Smruthi, “Web Application Vulnerabilities: Exploitation and Prevention,” in Proceedings - ICOECS 2020: 2020 International Conference on Electrotechnical Complexes and Systems, 2020. doi: 10.1109/ICOECS50468.2020.9278437. DOI: https://doi.org/10.1109/ICOECS50468.2020.9278437
I. JOURNAL, “Web Application Vulnerabilities and Best Practices: A Comprehensive Analysis,” INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT, vol. 07, no. 08, 2023, doi: 10.55041/ijsrem25165. DOI: https://doi.org/10.55041/IJSREM25165
S. Jueyendah and C. H. Martins, “Computational Engineering and Physical Modeling Optimal Design of Welded Structure Using SVM ARTICLE INFO ABSTRACT,” Optimal Design of Welded Structure Using SVM. Computational Engineering and Physical Modeling, vol. 7, no. 3, pp. 84–107, 2024, doi: 10.22115/cepm.2024.485191.1338.
A. K. Priyanka and S. S. Smruthi, “WebApplication Vulnerabilities:Exploitation and Prevention,” in Proceedings of the 2nd International Conference on Inventive Research in Computing Applications, ICIRCA 2020, 2020. doi: 10.1109/ICIRCA48905.2020.9182928. DOI: https://doi.org/10.1109/ICIRCA48905.2020.9182928
S. Sarkar, “Detecting Vulnerabilities of Web Application Using Penetration Testing and Prevent Using Threat Modeling,” in Lecture Notes in Electrical Engineering, 2021. doi: 10.1007/978-981-15-8752-8_3. DOI: https://doi.org/10.1007/978-981-15-8752-8_3
P. K. Patra, H. Singh, and G. Singh, “Fault Tolerance Techniques and Comparative Implementation in Cloud Computing,” 2013.
L. Haji et al., “Dynamic Resource Allocation for Distributed Systems and Cloud Computing,” 2020, [Online]. Available: https://www.researchgate.net/publication/342317991
S. M. A. Attallah, M. B. Fayek, S. M. Nassar, and E. E. Hemayed, “Proactive load balancing fault tolerance algorithm in cloud computing,” Concurr Comput, vol. 33, no. 10, May 2021, doi: 10.1002/cpe.6172. DOI: https://doi.org/10.1002/cpe.6172
K. Jacksi, S. R. M. Zeebaree, and N. Dimililer, “LOD Explorer: Presenting the Web of Data,” 2018. [Online]. Available: www.ijacsa.thesai.org DOI: https://doi.org/10.14569/IJACSA.2018.090107
R. Asaad, R. Ismail Ali, and S. Almufti, “Hybrid Big Data Analytics: Integrating Structured and Unstructured Data for Predictive Intelligence,” Qubahan Techno Journal, vol. 1, no. 2, Apr. 2022, doi: 10.48161/qtj.v1n2a14. DOI: https://doi.org/10.48161/qtj.v1n2a14
E. Chatzoglou, V. Kouliaridis, G. Kambourakis, G. Karopoulos, and S. Gritzalis, “A hands-on gaze on HTTP/3 security through the lens of HTTP/2 and a public dataset,” Comput Secur, vol. 125, 2023, doi: 10.1016/j.cose.2022.103051. DOI: https://doi.org/10.1016/j.cose.2022.103051
M. Chovanec, M. Hasin, M. Havrilla, and E. Chovancová, “Detection of HTTP DDoS Attacks Using NFStream and TensorFlow,” Applied Sciences (Switzerland), vol. 13, no. 11, 2023, doi: 10.3390/app13116671. DOI: https://doi.org/10.3390/app13116671
A. U. Rehman, R. L. Aguiar, and J. P. Barraca, “Fault-Tolerance in the Scope of Cloud Computing,” IEEE Access, vol. 10, pp. 63422–63441, 2022, doi: 10.1109/ACCESS.2022.3182211. DOI: https://doi.org/10.1109/ACCESS.2022.3182211
M. Nazari Cheraghlou, A. Khadem-Zadeh, and M. Haghparast, “A survey of fault tolerance architecture in cloud computing,” Feb. 01, 2016, Academic Press. doi: 10.1016/j.jnca.2015.10.004. DOI: https://doi.org/10.1016/j.jnca.2015.10.004
A. Rawat, R. Sushil, A. Agarwal, A. Sikander, and R. S. Bhadoria, “A New Adaptive Fault Tolerant Framework in the Cloud,” IETE J Res, vol. 69, no. 5, pp. 2897–2909, 2023, doi: 10.1080/03772063.2021.1907231. DOI: https://doi.org/10.1080/03772063.2021.1907231
L. V. Ganyun, C. Haozhong, Z. Haibao, and D. Lixin, “Fault diagnosis of power transformer based on multi-layer SVM classifier,” Electric Power Systems Research, vol. 74, no. 1, 2005, doi: 10.1016/j.epsr.2004.07.008. DOI: https://doi.org/10.1016/j.epsr.2004.07.008
Y. Ge, S. Zhao, and X. Zhao, “A step-by-step classification algorithm of protein secondary structures based on double-layer SVM model,” Genomics, vol. 112, no. 2, 2020, doi: 10.1016/j.ygeno.2019.11.006. DOI: https://doi.org/10.1016/j.ygeno.2019.11.006
T. Muhammad and H. Ghafory, “SQL Injection Attack Detection Using Machine Learning Algorithm,” Mesopotamian Journal of CyberSecurity, vol. 2022, 2022, doi: 10.58496/MJCS/2022/002. DOI: https://doi.org/10.58496/MJCS/2022/002
D. Kaur and P. Kaur, “Cross-Site-Scripting Attacks and Their Prevention during Development,” International Journal of Engineering Development and Research, vol. 5, no. 3, 2017.
B. Nagpal, N. Chauhan, and N. Singh, “SECSIX: security engine for CSRF, SQL injection and XSS attacks,” International Journal of System Assurance Engineering and Management, vol. 8, 2017, doi: 10.1007/s13198-016-0489-0. DOI: https://doi.org/10.1007/s13198-016-0489-0
S. Sahren, R. A. Dalimuthe, and M. Amin, “Penetration Testing Untuk Deteksi Vulnerability Sistem Informasi Kampus,” Prosiding Seminar Nasional Riset Information Science (SENARIS), vol. 1, 2019, doi: 10.30645/senaris.v1i0.109. DOI: https://doi.org/10.30645/senaris.v1i0.109
S. S. H. Putra, “Penanggulangan Serangan XSS , CSRF , SQL Injection Menggunakan Metode Blackbox Pada Marketplace IVENMU,” Jurnal Pendidikan dan Teknologi Informasi, vol. 4, no. 2, 2017.
R. Boya Marqas, S. M. Almufti, and R. Rajab Asaad, “FIREBASE EFFICIENCY IN CSV DATA EXCHANGE THROUGH PHP-BASED WEBSITES,” Academic Journal of Nawroz University, vol. 11, no. 3, pp. 410–414, Aug. 2022, doi: 10.25007/ajnu.v11n3a1480. DOI: https://doi.org/10.25007/ajnu.v11n3a1480
F. D. Mobo, Z. Sakhi, R. B. Marqas, M. Karabatak, and S. M. Almufti, TOKYO SUMMIT-2 The Book of Full Texts INTERNATIONAL TOKYO CONFERENCE ON INNOVATIVE STUDIES OF CONTEMPORARY SCIENCES-II FIREBASE AND MYSQL PERFORMANCES FOR DATA EXCHANGING WITH CSV FILE IN PHP-BASED WEBSITE.
J. A. Dela Fuente, “Automated Software Testing through Large Language Models: Opportunities and Challenges,” Qubahan Techno Journal, vol. 1, no. 3, pp. 1–16, Jul. 2022, doi: 10.48161/qtj.v1n3a15. DOI: https://doi.org/10.48161/qtj.v1n3a15
E. D. Alvarez, B. D. Correa, and I. F. Arango, “An analysis of XSS, CSRF and SQL injection in colombian software and web site development,” in 2016 8th Euro American Conference on Telematics and Information Systems, EATIS 2016, 2016. doi: 10.1109/EATIS.2016.7520140. DOI: https://doi.org/10.1109/EATIS.2016.7520140
I. Kartanaite and R. Krusinskas, “Financial Efficiency of Unicorns: Regional and Sector Related Aspects,” Engineering Economics, vol. 33, no. 2, 2022, doi: 10.5755/j01.ee.33.2.30798. DOI: https://doi.org/10.5755/j01.ee.33.2.30798
Q. He, Y. Wang, Y. Linlin, and Q. K. Key, “P2PRPIPS: A P2P and reverse proxy based web intrusion protection system,” Research Journal of Applied Sciences, Engineering and Technology, vol. 5, no. 7, 2013, doi: 10.19026/rjaset.5.4677. DOI: https://doi.org/10.19026/rjaset.5.4677
E. Kutsenko, K. Tyurchev, and T. Ostashchenko, “Relocation as a Driver of Innovative Activity: A Global Study of Unicorn Founders’ Migration,” Foresight and STI Governance, vol. 16, no. 4, 2022, doi: 10.17323/2500-2597.2022.4.6.23. DOI: https://doi.org/10.17323/2500-2597.2022.4.6.23
P. J. Gnetchejo, S. N. Essiane, P. Ele, R. Wamkeue, D. M. Wapet, and S. P. Ngoffe, “Enhanced Vibrating Particles System Algorithm for Parameters Estimation of Photovoltaic System,” Journal of Power and Energy Engineering, vol. 07, no. 08, pp. 1–26, 2019, doi: 10.4236/jpee.2019.78001. DOI: https://doi.org/10.4236/jpee.2019.78001