NORMA eResearch @NCI Library

Enhancing Serverless Architecture Security: A Framework for Mitigating Event Injection Attacks

Yadav, Prajwal Balasaheb (2024) Enhancing Serverless Architecture Security: A Framework for Mitigating Event Injection Attacks. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration Manual]
Preview
PDF (Configuration Manual)
Download (1MB) | Preview

Abstract

Serverless computing has emerged as a transformative model in cloud service delivery, offering significant advantages such as cost efficiency, scalability, and streamlined development processes. However, this model also introduces unique security challenges, particularly in the form of injection attacks, which exploit vulnerabilities within serverless functions to execute unauthorized commands or access sensitive data. Motivated by the urgent need to address these security concerns, this project aims to develop a comprehensive security framework tailored to mitigate injection attacks in serverless computing environments. The research is guided by the central question: How can a comprehensive security framework be developed to effectively mitigate injection attacks in serverless computing environments? To answer this, the project sets out to investigate the current state of serverless security, design a multi-layered security framework, implement it in a simulated environment, and evaluate its effectiveness. The proposed framework incorporates preventive measures, real-time detection mechanisms, and automated response strategies. It is tested on platforms such as AWS Lambda, Google Cloud Functions, and Microsoft Azure Functions, using various attack scenarios to assess its robustness. Key metrics such as detection accuracy, response time, and impact on system performance are evaluated to ensure the framework's effectiveness and efficiency.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Monaghan, Mark
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 31 Jul 2025 13:28
Last Modified: 31 Jul 2025 13:28
URI: https://norma.ncirl.ie/id/eprint/8386

Actions (login required)

View Item View Item