Assistant professor in CSSE develops techniques to detect software container orchestration vulnerabilities
Published: Sep 13, 2023 8:15 AM
By Joe McAdory
Akond Rahman is generating novel, program analysis techniques to detect elusive computer bugs and exploitable vulnerabilities in software container orchestration. Why is this important? It stands tall in the fight against cybersecurity attacks, where personal information is often buried within the millions of cloud files that exist in corporate and federal America.
Rahman, assistant professor in computer science and software engineering, is principal investigator on a three-year, $553,295 National Science Foundation (NSF) grant for the project, “Resilient Operations for Deployment Units Used in Container Orchestration,” aimed at targeting and strengthening software resilience.
Software lingo considers a “container” to be a self-contained software environment that includes the necessary elements for operation. Deploying and managing said software to customers/organizations is container orchestration.
The problem? Without resilient implementation of container orchestration, deployed software is potentially vulnerable. But Rahman offers a solution through two tasks: 1) Resilient provisioning of deployment units through detection of discrepant states and resilient volume management, and 2) Resilient routing of traffic between deployment units through detection of firewall and zonal discrepancies.
“If you are someone, or an organization, using container orchestration, my research will provide you with a set of tools which will offer greater resilience to the process,” said Rahman, whose projects “Authentic Learning Modules for DevOps Security Education” and “Enhanced Security Static Analysis for Detecting Insecure Configuration Scripts” earlier this year also earned NSF funding. “I will provide the tools and a checklist of items, or steps to follow.”
Rahman is currently leading three NSF-funded projects, which is rare among academicians early in their respective carers as tenured track professors.
“Execution of these research investigations will yield new scientific evidence, generate novel techniques unique to container orchestration and advance the state of software research,” he said. “All software generated from the project will be publicly available to industry practitioners, research software engineers, and academics for use.”
This is good news, Rahman said, to large software corporations as container orchestration is forecast to become a $1.3 billion industry by 2026.
The project will also broaden the participation in science, technology, engineering and math (STEM) by involving graduate students from under-represented groups, Rahman added, which directly contributes to the nation’s continued efforts to enhance its cyber infrastructure workforce. Two female graduate students have already begun to work on this project.
Media Contact: , jem0040@auburn.edu, 334.844.3447Akond Rahman