Wiretapping Pods and Nodes - Lawful Interception in Kubernetes

Daniel Spiekermann, Jörg Keller


Nowadays, IT infrastructures have to supply a flexible and dynamic platform for the provision of modern applications. Kubernetes is one of the most notable environments for the provisioning of small and independently running microservices used by modern applications. With Kubernetes, these microservices can be developed, deployed, updated and scaled in a continuous process. This flexibility is a huge advantage over older and more static environments. But whereas these older infrastructures lack dynamics, necessary digital investigations are easier to accomplish in them. This need still exists in modern environments; hence, this paper presents a novel approach for the lawful interception of network packets in a Kubernetes cluster. The approach improves the dynamic capture processes by monitoring involved devices assigned to a defined application without hampering the environment or capturing unwanted network packets.

Keywords: Kubernetes, network

DOI: http://dx.doi.org/10.14279/tuj.eceasst.80.1148

DOI (PDF): http://dx.doi.org/10.14279/tuj.eceasst.80.1148.1112

