Training-less Anomaly-based Intrusion Detection in Containerized Microservices
Asbat El Khairi is a PhD student in the Department of Semantics, Cybersecurity & Services. (Co)Promotors are dr.ir. A. Continella and prof.dr. A. Peter from the Faculty of Electrical Engineering, Mathematics and Computer Science and dr. M. Caselli from Siemens AG.
Containerized microservices have become a cornerstone of cloud-native computing, offering modularity, horizontal scalability, and operational agility. Nevertheless, their growing adoption has also attracted adversarial interest. Threat actors are increasingly aligning their tactics with the microservices paradigm, exploiting containerized workloads as entry points into cloud environments, paving the way for data breaches, disruption of mission-critical services, or even full-scale compromise of cloud infrastructure. These risks underscore the need for container runtime threat detection solutions that can accurately detect malicious activity and promptly alert security teams, enabling timely incident response.
Anomaly-based intrusion detection solutions offer a promising way to detect container threats by flagging deviations from expected behavior. However, their deployment is often hindered by a core limitation: a reliance on static, training-based behavioral baselines to distinguish between benign and malicious activity. Prior studies show that these baselines age quickly in microservices-based environments, where frequent feature rollouts and shifting workloads continually redefine normal behavior. This rapid aging results in elevated false positives, necessitating frequent retraining—a costly process that demands time and rigorous validation to preserve trust in detection outcomes. This challenge exposes a fundamental trade-off between detection performance and operational agility in microservices-based environments: microservices must either operate with outdated detection baselines, risking excessive false alarms, or delay release cycles to accommodate retraining, undermining the very agility that containerized microservices are meant to provide.
In this work, we show that this trade-off is not intrinsic to anomaly detection itself, but rather a consequence of relying on static, training-based baselines. By leveraging the core properties of microservices, namely their narrow functional scope that promotes modularity, along with statelessness and replication that enable scalability and fault tolerance, we demonstrate that training-less anomaly detection is achievable in microservices-based environments. First, we leverage replication, where identical container instances (i.e., replicas) are deployed to execute equivalent workloads, leading to consistent behavioral patterns across replicas. We develop a detection system that monitors replica behavior and identifies inconsistencies as anomalies without prior training. Second, to support single-instance deployments, we leverage the narrow functional scope of microservices, which typically execute a single, well-defined workload, resulting in stable and predictable execution behavior throughout their lifetime. We develop a detection system that profiles execution during startup and detects anomalies as deviations from this startup-time baseline, without requiring prior training. Third, we leverage the stateless design of microservices, where persistent data is externalized and local writes are confined to a small set of predictable filesystem locations. We develop a detection system that infers these writable areas at startup without prior training and enforces selective immutability at runtime, flagging unexpected writes as anomalous. Finally, we extend the training-less approach to container runtime hardening. Building on the narrow functional scope of microservices and their stable execution patterns, we develop a mechanism that restricts executables to the primary workload, preventing unauthorized code execution. This proactive enforcement complements detection by reducing the container’s attack surface without requiring prior training.
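As an added illustration of the replica-based approach described above (example code written for this page, not the thesis's own detection system), the following Python sketch compares normalised system-call histograms across replicas of one microservice and flags any replica that diverges from the median of its peers without a training phase; the replica names, the syscall traces and the threshold are constructed assumptions.

```python
"""Replica-consistency check, constructed illustration: replicas of one
microservice run equivalent workloads, so their syscall histograms should
agree. A replica far from the element-wise median of its peers is flagged
without any training phase. Input per replica: observed syscall names."""
from collections import Counter
from typing import Dict, List

def normalize(counts: Counter) -> Dict[str, float]:
    """Raw syscall counts -> relative frequencies."""
    total = sum(counts.values())
    return {name: n / total for name, n in counts.items()} if total else {}

def median_profile(profiles: List[Dict[str, float]]) -> Dict[str, float]:
    """Element-wise median over peers; a single outlier peer cannot drag it."""
    result = {}
    for name in set().union(*profiles):
        vals = sorted(p.get(name, 0.0) for p in profiles)
        mid = len(vals) // 2
        result[name] = vals[mid] if len(vals) % 2 else (vals[mid - 1] + vals[mid]) / 2
    return result

def l1_distance(a: Dict[str, float], b: Dict[str, float]) -> float:
    return sum(abs(a.get(k, 0.0) - b.get(k, 0.0)) for k in set(a) | set(b))

def detect_inconsistent_replicas(traces: Dict[str, List[str]],
                                 threshold: float = 0.3) -> Dict[str, float]:
    """Return {replica: distance} for replicas more than `threshold` (L1 on
    frequencies, range 0..2) from the median of their peers. Needs >= 3
    replicas so one compromised instance cannot shift the median itself."""
    if len(traces) < 3:
        raise ValueError("replica-consistency needs at least 3 replicas")
    profiles = {r: normalize(Counter(t)) for r, t in traces.items()}
    flagged = {}
    for replica, profile in profiles.items():
        peers = [p for r, p in profiles.items() if r != replica]
        dist = l1_distance(profile, median_profile(peers))
        if dist > threshold:
            flagged[replica] = round(dist, 3)
    return flagged

# Constructed traces: the same request-serving loop on every replica, plus
# process-spawning and outbound-connection activity on api-4 only.
SERVE = ["epoll_wait", "recvfrom", "read", "write", "sendto", "futex"] * 10
SAMPLE_TRACES = {
    "api-1": SERVE + ["read", "read"],
    "api-2": SERVE + ["write"],
    "api-3": list(SERVE),
    "api-4": SERVE + ["execve", "openat", "connect", "clone"] * 10,
}
```

Calling `detect_inconsistent_replicas(SAMPLE_TRACES)` flags only `api-4`; the three benign replicas differ from each other by a few percent and stay well under the threshold.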
In summary, these contributions advance the state of anomaly detection in microservices and illustrate how training-less techniques can contribute to more practical and adaptive threat detection in modern cloud environments.