TrapShield: Enhancing Security and Privacy in Serverless Workflows using Honeypots by Robust Adversary Penalization

The marked shift of application developers to serverless computing has led to an increase in the number of cyberattacks and privacy concerns, thus prompting the need for secure serverless workflows. We propose TrapShield, a honeypots-based, secure and privacy preserving framework to protect serverle...

Full description

Saved in:
Bibliographic Details
Main Authors: Garg, Surabhi, Suresh, Maithri, Thakur, Meena Singh Dilip, Rajan, M A, Sahu, Pankaj, Gharote, Mangesh, Ramesh, Manju, Lodha, Sachin
Format: Conference Proceeding
Language:English
Subjects:
Airline industry
Cost Optimization
Costs
Dummy nodes
Honeypots
Information filtering
Information integrity
Insider attacks
Optimization
Penalize
Privacy
Runtime
Security
Serverless Cloud Security
Serverless computing
Web services
Workflows
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The marked shift of application developers to serverless computing has led to an increase in the number of cyberattacks and privacy concerns, thus prompting the need for secure serverless workflows. We propose TrapShield, a honeypots-based, secure and privacy preserving framework to protect serverless computing applications from insider and outsider attacks. It utilizes honeypots to deceive the attackers and penalize them by redirecting to a random set of dummy functions forming a cycle. Evaluations on Google Cloud Platform and Amazon Web Services for three popular serverless applications show TrapShield's effectiveness in reducing costs for thwarting attacks while maintaining high runtime performance (approximately 1.3 seconds for an airline booking application).
ISSN:2694-0825
DOI:10.1109/IC2E61754.2024.00034