Chaining Digital Services: Challenges to Investigate Cyber-Attacks at Run-Time

Today, Digital Service Providers (DSPs) increasingly use external services provided by third parties to create complex business chains, leveraging service-oriented architectures and everything-as-a-Service (XaaS) management paradigms. How- ever, the heterogeneity and dynamicity of such environments represents a challenge for DSPs. In particular, Digital Service Chaining (DSC) brings the risk to amplify the scope of cyber- threats and to elude local security controls. In this position paper, building on our past experience in dis- tributed monitoring and detection frameworks, we elaborate on the main challenges to investigate cyber-attacks in complex, het- erogeneous, multi-ownership, and interconnected systems. Our main contributions are the operational workflow and reference architecture for run-time protection of digital service chains, as well as the identification of the main issues and research directions that the networking and cybersecurity communities should jointly address.