Graduate student: | 曾靖庭 Tseng, Ching-Ting |
---|---|
Thesis title: | 以Kubernetes與嵌入式平台為基礎應用於主機入侵檢測系統之研究 Research on Host Intrusion Detection System Based on Kubernetes and Embedded Platform |
Advisor: | 黃文吉 Hwang, Wen-Jyi |
Oral defense committee: | 董一志 Tung, Yi-Chih; 尤信程 You, Shing-Chern; 黃文吉 Hwang, Wen-Jyi |
Oral defense date: | 2022/07/25 |
Degree: | Master |
Department: | 資訊工程學系 Department of Computer Science and Information Engineering |
Year of publication: | 2022 |
Academic year of graduation: | 110 |
Language: | Chinese |
Number of pages: | 66 |
Keywords (translated from Chinese): | Information Security, Container, Embedded Platform |
Keywords (English): | Intrusion Detection System, Kubernetes, Pod, Security Information Event Management |
Research methods: | Experimental design, thematic analysis |
DOI URL: | http://doi.org/10.6345/NTNU202201349 |
Thesis type: | Academic thesis |
Related counts: | Views: 109, Downloads: 15 |
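With the rapid advance of technology and the maturing of Internet of Things (IoT) technology, demand for networking has become widespread. Many applications rely on the network to convey information, including online shopping, remote work, intelligent connected vehicles, and smart TVs. In the course of transmitting information, important data is often inadvertently exposed to danger, so information security has been receiving increasing attention.
Traditional Intrusion Detection System servers are mostly deployed on common hosts and operating systems. Although this makes them easy to deploy, it also exposes the system to security risks, leaving it vulnerable to attack and data theft by malicious parties. To address this security problem, we use a Kubernetes containerized cluster to build a Host-based Intrusion Detection System (HIDS) combined with Security Information Event Management (SIEM) as microservices that form an information security log management system. Because Kubernetes can manage multiple containers and deploy applications quickly and automatically, and also provides a Load Balancer and automatic detection and restart of failed containers, it not only improves the concealment of information but also prevents single points of failure.
In this thesis, the Server of the information security log management system is deployed with Kubernetes. Each Control Plane handles requests to the cluster and schedules resources within the cluster, and Kube-vip provides the Load Balancer function to keep the service available. Each Worker Node runs its corresponding Pods, and a Pod that fails is restarted automatically, which makes system management quite flexible. The Agent is compatible with multiple embedded platforms and effectively integrates information security logs from different operating systems.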