ASTRID: Addressing threats for virtualised services

Cloud-based services often follow the same logical structure as private networks, with the lack of physical boundaries and dependence on a third party’s infrastructural security mechanisms often undermining confidence in the overall security level of virtualised applications.

Prompted by this growing trend, the ASTRID project aims to build situational awareness for virtualised services to facilitate the detection of sophisticated cyber-attacks and prompt an automated response. This would effectively shift the responsibility for security, privacy and trustworthiness from developers or end users to service providers. It would foster the transition to novel microservices architectures that can support unified access and encryption management, correlation of events and information among different services/applications, support for legal interception and forensics investigation.

In this project, the focus is on detecting vulnerabilities and threats in individual applications as well as across the entire service graph, and also establishing trusted microservices. The novelty lies in decoupling detection algorithms from monitoring and inspection tasks, seeking better integration with virtualisation frameworks.