Microservice-based architecture is a relatively new paradigm of software development that has gained tremendous popularity recently. A microservice-based application comprises multiple relatively small independent functional components (microservices) that interact to accomplish a sophisticated function. Microservices enable agile development and deployment of applications and enhanced scalability and resiliency. However, microservices-based systems have more significant security concerns than traditional monolithic systems. In this article, we discuss the various security loopholes of a microservice-based architecture and how these diverse components increase the attack surface of the aggregate framework. This article also proposes a machine learning (ML) based behavioral analysis framework that analyzes the network traffic and API calls to detect flaws and vulnerabilities in the microservice architecture to overcome these challenges. Prior research has demonstrated the potential of network monitoring to secure microservice-based cloud applications. However, they used hand-designed policies to enforce security compliance. Manually designed policies have their drawbacks. This article discusses these challenges and proposes a novel ML-based pattern recognition to automate the manual definition of policies. ML-based attack detection techniques have achieved stateof-the-art performance in various cybersecurity applications like malware detection and vulnerability detection. However, security monitoring of microservice-based applications is still a developing research field that has not experienced the impact of ML yet. This article proposes implementing supervised ML-based security monitoring of microservice-based applications based on Seeker to detect vulnerability exploits in real-time.

The emerging QUIC protocol provides efficient migration of IP addresses in a device without breaking the existing connection. This mechanism has been exploited in MIMIQ to provide user privacy and obstruct traffic analysis attacks. The frequent change of a device’s IP address thwarts traffic analysis attacks, and hinders the derivation of user behavioral patterns. This protocol can be useful for ISPs to provide privacy-preserving telecom services. In the original paper of MIMIQ, the authors demonstrate a proof-of-concept (POC) implementation on a single switch. This is a simplified example that is not scalable for real-world applications. In this project, we aim to implement MIMIQ on a user application. To make it easier to adapt, we implement it as a plug-in service on popular QUIC implementations. In the original POC, the address allocation scheme was naive and detailed analysis can reveal the user identity. In this article, we study the security properties of MIMIQ and propose an efficient, secure, and scalable address allocation mechanism.