Chaining Digital Services: Challenges to Investigate Cyber-Attacks at Run-Time

Abstract

Today, digital service providers (DSPs) increasingly use external services provided by third parties to create complex business chains, leveraging service-oriented architectures, and everything-as-a-Service (XaaS) management paradigms. However, the heterogeneity and dynamicity of such environments represents a challenge for DSPs. In particular, digital service chaining (DSC) brings the risk of amplifying the scope of cyberthreats and the eluding of local security controls. Building on past experience in distributed monitoring and detection frameworks, this article elaborates on the main challenges when investigating cyber-attacks in complex, heterogeneous, multi-ownership, and interconnected systems. The main contributions are the operational workflow and reference architecture for run-time protection of digital service chains, as well as the identification of the main issues and research directions that the networking and cyber-security communities should jointly address.