Death by design: a biological approach to container security

Author

Alexander Hunter Moomaw, Eastern Washington University

Date of Award

Spring 2025

Rights

Access is available to all users

Document Type

Thesis

Degree Name

Master of Science (MS) in Professional Cybersecurity

Department

Computer Science and Electrical Engineering

Abstract

Microservice architectures are central to modern cloud computing and have become the dominant design pattern for scalable, distributed applications. Kubernetes is often the tool used for rapid deployment and orchestration of microservices. A known issue for large networks clusters is a malicious actor can compromise a vulnerable cluster in minutes. Their ability to quickly compromise vulnerable clusters highlights the urgent need for stronger security. This project views cluster defense through a preemptive security lens, introducing the Cluster Life cycle Management System (CLMS). Inspired by the biological process of apoptosis, CLMS systematically replaces aging containers and services to prevent exploitation of a Kubernetes environment before it begins. CLMS addresses both performance degradation and evolving cybersecurity threats, to set a higher standard for secure, highly available Kubernetes environments. My thesis research states that restarting containers in a microservice environment can reduce the opportunity for lateral movement by attackers, increasing the overall security of the system.

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Recommended Citation

Moomaw, Alexander Hunter, "Death by design: a biological approach to container security" (2025). EWU Masters Thesis Collection. 987.
https://dc.ewu.edu/theses/987