Detection and isolation of affected elements in a cloud-deployed computer system
This study explores the crucial aspects of identifying and isolating compromised elements within computer systems deployed in cloud environments, focusing on the inherent architectural and functional characteristics of cloud platforms that facilitate resource isolation. The built-in monitoring tools...
Saved in:
| Date: | 2025 |
|---|---|
| Main Author: | |
| Format: | Article |
| Language: | Ukrainian |
| Published: |
Інститут проблем реєстрації інформації НАН України
2025
|
| Subjects: | |
| Online Access: | http://drsp.ipri.kiev.ua/article/view/335755 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Journal Title: | Data Recording, Storage & Processing |
Institution
Data Recording, Storage & Processing| id |
drspiprikievua-article-335755 |
|---|---|
| record_format |
ojs |
| spelling |
drspiprikievua-article-3357552025-08-09T14:55:54Z Detection and isolation of affected elements in a cloud-deployed computer system Виявлення уражень та ізоляція уражених елементів комп’ютерної системи, яку розгорнуто в хмарному середовищі Ардашов, Д. С. живучість хмарних систем, моніторинг у хмарних платформах, відмовостійкі хмарні архітектури cloud system survivability, cloud platform monitoring, fault-tolerant cloud architectures This study explores the crucial aspects of identifying and isolating compromised elements within computer systems deployed in cloud environments, focusing on the inherent architectural and functional characteristics of cloud platforms that facilitate resource isolation. The built-in monitoring tools of the Amazon Web Services (AWS) platform are examined as a case study for detecting vulnerabilities and isolating affected components of applications deployed therein. The investigation emphasizes that ensuring the fault tolerance and availability of cloud-deployed systems necessitates timely detection and isolation of compromised elements, a process influenced by the scalability and virtualization inherent in cloud architectures. The core concept of resource isolation involves distributed services running in virtualized environments, often managed by Auto Scaling Groups across multiple Availability Zones, with Elastic Load Balancing directing user traffic. When a service instance fails or is compromised, it can lead to system-wide instability if not promptly addressed. Thus, identifying and forcibly isolating resources being affected at the system level, often utilizing scaling mechanisms becomes critical. The «noisy neighbor» problem, where excessive resource consumption by one application degrades the performance of others sharing the same physical infrastructure, is also described, along with the techniques for its prevention. The work concludes that modern cloud platforms offer a comprehensive suite of mechanisms for the timely detection and isolation of negative impacts on computer system elements. These mechanisms are found on system observability and the concept of elastic cloud computing. Standardization of telemetry data allows for the integration of third-party monitoring and response services, while machine learning and artificial intelligence represent current trends in threat detection. Future research into the propagation mechanisms of negative impacts to the cloud platform system elements is proposed as a potential avenue for developing new methods to enhance the survivability of cloud-deployed systems. Fig.: 6. Refs: 12 titles. Визначено базові архітектурні функціональні особливості хмарних платформ, що забезпечують механізми ізоляції ресурсів як елементів комп’ютерної системи, яку розгорнуто в хмарному середовищі. Розглянуто вбудовані засоби моніторингу платформи AWS з метою виявлення уражень та ізоляція уражених елементів розгорнутих у платформі додатків. Ідентифіковано ризики деградації доступності хмарних додатків, спричинених спільним використанням фізичної інфраструктури провайдера, та методи запобігання їм. Наведено приклад функціонування механізмів системи розпізнавання потенційних загрозливих впливів AWS GuardDuty. Інститут проблем реєстрації інформації НАН України 2025-05-20 Article Article application/pdf http://drsp.ipri.kiev.ua/article/view/335755 10.35681/1560-9189.2025.27.1.335755 Data Recording, Storage & Processing; Vol. 27 No. 1 (2025); 89-98 Регистрация, хранение и обработка данных; Том 27 № 1 (2025); 89-98 Реєстрація, зберігання і обробка даних; Том 27 № 1 (2025); 89-98 1560-9189 uk http://drsp.ipri.kiev.ua/article/view/335755/324965 Авторське право (c) 2025 Реєстрація, зберігання і обробка даних |
| institution |
Data Recording, Storage & Processing |
| baseUrl_str |
|
| datestamp_date |
2025-08-09T14:55:54Z |
| collection |
OJS |
| language |
Ukrainian |
| topic |
cloud system survivability cloud platform monitoring fault-tolerant cloud architectures |
| spellingShingle |
cloud system survivability cloud platform monitoring fault-tolerant cloud architectures Ардашов, Д. С. Detection and isolation of affected elements in a cloud-deployed computer system |
| topic_facet |
живучість хмарних систем моніторинг у хмарних платформах відмовостійкі хмарні архітектури cloud system survivability cloud platform monitoring fault-tolerant cloud architectures |
| format |
Article |
| author |
Ардашов, Д. С. |
| author_facet |
Ардашов, Д. С. |
| author_sort |
Ардашов, Д. С. |
| title |
Detection and isolation of affected elements in a cloud-deployed computer system |
| title_short |
Detection and isolation of affected elements in a cloud-deployed computer system |
| title_full |
Detection and isolation of affected elements in a cloud-deployed computer system |
| title_fullStr |
Detection and isolation of affected elements in a cloud-deployed computer system |
| title_full_unstemmed |
Detection and isolation of affected elements in a cloud-deployed computer system |
| title_sort |
detection and isolation of affected elements in a cloud-deployed computer system |
| title_alt |
Виявлення уражень та ізоляція уражених елементів комп’ютерної системи, яку розгорнуто в хмарному середовищі |
| description |
This study explores the crucial aspects of identifying and isolating compromised elements within computer systems deployed in cloud environments, focusing on the inherent architectural and functional characteristics of cloud platforms that facilitate resource isolation. The built-in monitoring tools of the Amazon Web Services (AWS) platform are examined as a case study for detecting vulnerabilities and isolating affected components of applications deployed therein.
The investigation emphasizes that ensuring the fault tolerance and availability of cloud-deployed systems necessitates timely detection and isolation of compromised elements, a process influenced by the scalability and virtualization inherent in cloud architectures. The core concept of resource isolation involves distributed services running in virtualized environments, often managed by Auto Scaling Groups across multiple Availability Zones, with Elastic Load Balancing directing user traffic. When a service instance fails or is compromised, it can lead to system-wide instability if not promptly addressed. Thus, identifying and forcibly isolating resources being affected at the system level, often utilizing scaling mechanisms becomes critical.
The «noisy neighbor» problem, where excessive resource consumption by one application degrades the performance of others sharing the same physical infrastructure, is also described, along with the techniques for its prevention.
The work concludes that modern cloud platforms offer a comprehensive suite of mechanisms for the timely detection and isolation of negative impacts on computer system elements. These mechanisms are found on system observability and the concept of elastic cloud computing. Standardization of telemetry data allows for the integration of third-party monitoring and response services, while machine learning and artificial intelligence represent current trends in threat detection. Future research into the propagation mechanisms of negative impacts to the cloud platform system elements is proposed as a potential avenue for developing new methods to enhance the survivability of cloud-deployed systems. Fig.: 6. Refs: 12 titles. |
| publisher |
Інститут проблем реєстрації інформації НАН України |
| publishDate |
2025 |
| url |
http://drsp.ipri.kiev.ua/article/view/335755 |
| work_keys_str_mv |
AT ardašovds detectionandisolationofaffectedelementsinaclouddeployedcomputersystem AT ardašovds viâvlennâuraženʹtaízolâcíâuraženihelementívkompûternoísistemiâkurozgornutovhmarnomuseredoviŝí |
| first_indexed |
2025-09-17T09:26:44Z |
| last_indexed |
2025-09-17T09:26:44Z |
| _version_ |
1851774436874649600 |