{"id":"https://openalex.org/W4407784407","doi":"https://doi.org/10.1109/comsnets63942.2025.10885639","title":"Towards Generating a Robust, Scalable and Dynamic Provenance Graph for Attack Investigation over Distributed Microservice Architecture","display_name":"Towards Generating a Robust, Scalable and Dynamic Provenance Graph for Attack Investigation over Distributed Microservice Architecture","publication_year":2025,"publication_date":"2025-01-06","ids":{"openalex":"https://openalex.org/W4407784407","doi":"https://doi.org/10.1109/comsnets63942.2025.10885639"},"language":"en","primary_location":{"id":"doi:10.1109/comsnets63942.2025.10885639","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comsnets63942.2025.10885639","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 17th International Conference on COMmunication Systems and NETworks (COMSNETS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5116346700","display_name":"Utkalika Satpathy","orcid":null},"institutions":[{"id":"https://openalex.org/I145894827","display_name":"Indian Institute of Technology Kharagpur","ror":"https://ror.org/03w5sq511","country_code":"IN","type":"education","lineage":["https://openalex.org/I145894827"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Utkalika Satpathy","raw_affiliation_strings":["IIT,Department of Computer Science and Engineering,Kharagpur,India"],"affiliations":[{"raw_affiliation_string":"IIT,Department of Computer Science and Engineering,Kharagpur,India","institution_ids":["https://openalex.org/I145894827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092162468","display_name":"Harsh Borse","orcid":"https://orcid.org/0009-0001-6860-093X"},"institutions":[{"id":"https://openalex.org/I145894827","display_name":"Indian Institute of Technology Kharagpur","ror":"https://ror.org/03w5sq511","country_code":"IN","type":"education","lineage":["https://openalex.org/I145894827"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Harsh Borse","raw_affiliation_strings":["IIT,Department of Computer Science and Engineering,Kharagpur,India"],"affiliations":[{"raw_affiliation_string":"IIT,Department of Computer Science and Engineering,Kharagpur,India","institution_ids":["https://openalex.org/I145894827"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5001115038","display_name":"Sandip Chakraborty","orcid":"https://orcid.org/0000-0003-3531-968X"},"institutions":[{"id":"https://openalex.org/I145894827","display_name":"Indian Institute of Technology Kharagpur","ror":"https://ror.org/03w5sq511","country_code":"IN","type":"education","lineage":["https://openalex.org/I145894827"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Sandip Chakraborty","raw_affiliation_strings":["IIT,Department of Computer Science and Engineering,Kharagpur,India"],"affiliations":[{"raw_affiliation_string":"IIT,Department of Computer Science and Engineering,Kharagpur,India","institution_ids":["https://openalex.org/I145894827"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5116346700"],"corresponding_institution_ids":["https://openalex.org/I145894827"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.03207151,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"566","last_page":"574"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9911999702453613,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.9904999732971191,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.79396653175354},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.7888742685317993},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.687786877155304},{"id":"https://openalex.org/keywords/microservices","display_name":"Microservices","score":0.6560208797454834},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.5790647864341736},{"id":"https://openalex.org/keywords/provenance","display_name":"Provenance","score":0.5294190049171448},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.4794553518295288},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.22399595379829407},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2053007185459137},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.10802662372589111}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.79396653175354},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.7888742685317993},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.687786877155304},{"id":"https://openalex.org/C2778505942","wikidata":"https://www.wikidata.org/wiki/Q18344624","display_name":"Microservices","level":3,"score":0.6560208797454834},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.5790647864341736},{"id":"https://openalex.org/C2780049196","wikidata":"https://www.wikidata.org/wiki/Q23582628","display_name":"Provenance","level":2,"score":0.5294190049171448},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.4794553518295288},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.22399595379829407},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2053007185459137},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.10802662372589111},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C5900021","wikidata":"https://www.wikidata.org/wiki/Q163082","display_name":"Petrology","level":1,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/comsnets63942.2025.10885639","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comsnets63942.2025.10885639","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 17th International Conference on COMmunication Systems and NETworks (COMSNETS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W168132470","https://openalex.org/W1993990529","https://openalex.org/W2100533862","https://openalex.org/W2293101494","https://openalex.org/W2620774151","https://openalex.org/W2747669027","https://openalex.org/W2787027464","https://openalex.org/W2910711617","https://openalex.org/W2942615718","https://openalex.org/W2947745012","https://openalex.org/W2962703433","https://openalex.org/W2978956219","https://openalex.org/W2998038410","https://openalex.org/W3006711782","https://openalex.org/W3008508243","https://openalex.org/W3127013462","https://openalex.org/W3128928115","https://openalex.org/W3134199133","https://openalex.org/W3189437225","https://openalex.org/W3212868562","https://openalex.org/W4205617621","https://openalex.org/W4226139354","https://openalex.org/W4280556079","https://openalex.org/W4292158430","https://openalex.org/W4311703141","https://openalex.org/W4312729043","https://openalex.org/W4324007191","https://openalex.org/W4328028676","https://openalex.org/W4361852873","https://openalex.org/W4365514648","https://openalex.org/W4391877092","https://openalex.org/W4400976357","https://openalex.org/W6628457668","https://openalex.org/W6751629095","https://openalex.org/W6793953445","https://openalex.org/W6796237833","https://openalex.org/W6802538371","https://openalex.org/W6803339927","https://openalex.org/W6873320552"],"related_works":["https://openalex.org/W4210334847","https://openalex.org/W3181741639","https://openalex.org/W4367181468","https://openalex.org/W2767473057","https://openalex.org/W4225586032","https://openalex.org/W3003367851","https://openalex.org/W1492892507","https://openalex.org/W3119944216","https://openalex.org/W2994988622","https://openalex.org/W2888006113"],"abstract_inverted_index":{"In":[0],"recent":[1],"years,":[2],"detecting":[3],"sophisticated":[4],"attacks":[5],"in":[6,59],"distributed":[7,63],"microservice":[8,64],"environments":[9],"has":[10],"become":[11],"increasingly":[12],"challenging,":[13],"mainly":[14],"due":[15],"to":[16,57,103,122],"containerization,":[17],"which":[18],"adds":[19],"another":[20],"dimension":[21],"of":[22,32],"complexity":[23],"for":[24,38,49],"collecting":[25],"the":[26,30,83],"system":[27,102],"logs":[28],"and":[29,40,53,76,89,119],"lack":[31],"applications":[33],"designed":[34],"with":[35,97],"known":[36,98],"vulnerabilities":[37,99],"reproducibility":[39],"experimentation.":[41],"This":[42],"paper":[43],"presents":[44],"a":[45],"framework":[46],"called":[47],"\u00b5Prov":[48,114],"generating":[50],"robust,":[51],"scalable,":[52],"dynamic":[54,78],"provenance":[55,80],"graphs":[56,81],"aid":[58],"attack":[60,95],"investigation":[61],"over":[62],"architectures.":[65],"Our":[66],"approach":[67],"captures":[68],"fine-grained,":[69],"system-level":[70],"interactions":[71],"across":[72],"microservices":[73],"leveraging":[74],"eBPF":[75],"constructs":[77],"runtime":[79],"representing":[82],"causal":[84],"relationships":[85],"between":[86],"processes,":[87],"files,":[88],"network":[90],"activities.":[91],"We":[92],"integrate":[93],"real-world":[94],"scenarios":[96],"into":[100],"our":[101],"evaluate":[104],"its":[105],"effectiveness.":[106],"Through":[107],"extensive":[108],"empirical":[109],"analysis,":[110],"we":[111],"demonstrate":[112],"that":[113],"offers":[115],"improved":[116],"accuracy,":[117],"scalability,":[118],"granularity":[120],"compared":[121],"traditional":[123],"logging":[124],"methods.":[125]},"counts_by_year":[],"updated_date":"2025-12-28T23:10:05.387466","created_date":"2025-10-10T00:00:00"}