Summary:
This paper presents C-Shield, a holistic security framework for the secure creation, management, and protection of Kubernetes clusters spanning geographically distributed nodes. C-Shield addresses the challenges of secure node registration, encrypted inter-node communication, runtime threat detection, and automated threat mitigation by providing end users with ready-to-use secure clusters, reducing the need for complex, manual deployment processes. The system uses overlay networks built with WireGuard to establish strongly encrypted communication among distributed Kubernetes nodes, while centralized monitoring collects network and system telemetry across multiple clusters. To improve threat detection and response, C-Shield integrates Large Language Models for contextual security analysis, alert explanation, false-positive reduction, and automated policy generation. We evaluated the effectiveness of the C-Shield subsystems through realistic experimental deployments and demonstrated their ability to provide end-to-end security for distributed Kubernetes infrastructures.

Author(s):
Sarantis Kalafatidis
Greece
George Kitsos
Greece
Nikos Papageorgopoulos
Greece