Wiretapping Pods and Nodes - Lawful Interception in Kubernetes
DOI:
https://doi.org/10.14279/tuj.eceasst.80.1148Abstract
Nowadays IT infrastructures have to supply a flexible and dynamic platform
for the provision of modern applications. Kubernetes is one of the most notable
environments for the provisioning of small and independently running microservices
used by modern applications. With Kubernetes, these microservices can be developed,
deployed, updated and scaled in a continuous process. This flexibility is a
huge advantage to older and more static environments. But whereas these old infrastructures
lack in dynamics, necessary digital investigation are easier to accomplish.
This need is still existing in modern environments, hence this paper presents a novel
approach for the lawful interception of network packets in a Kubernetes cluster. The
approach improves the dynamic capture processes by monitoring involved devices
assigned to a defined application without hampering the environment or capturing
unwanted network packets.
Keywords: Kubernetes, network
