AI-Enhanced Runtime Security for Kubernetes: Real-time Threat Detection with eBPF Telemetry and Ensemble Learning
Hirenkumar Mistry *
Grand Canyon University, United States and Zenosys, United States.
*Author to whom correspondence should be addressed.
Abstract
Modern digital services are built on scalable, resilient, and adaptable cloud-native ecosystems, particularly Kubernetes-based ones. However, this rapid adoption has also widened the threat landscape, and conventional security practices cannot cope with dynamic and distributed vulnerabilities. Incorporating Artificial Intelligence (AI) and Machine Learning (ML) solutions into cloud-native security systems has emerged as an intriguing option for addressing these threats. This study is an in-depth discussion of AI-based approaches to improving access controls, anomaly detection, and intrusion prevention in Kubernetes environments. To demonstrate the potential of a defense mechanism that is adaptive, transparent, and resilient, it compares federated learning, reinforcement learning, graph neural networks, and explainable AI. The results of the current research indicate that the accuracy, efficiency, and scalability of real-time threat detection and policy enforcement using AI-based models can substantially surpass those of traditional ones. In addition, this paper provides insight into the role of self-healing architectures, predictive defense tools, and energy-saving AI models in securing multi-cloud and hybrid applications. This work synthesizes the findings of recent progress to give a coherent view of the development of AI-enhanced cloud-native security and presents both theoretical and practical conclusions for academia, industry, and security practitioners.
Keywords: Artificial intelligence, cloud, security, threat detection, real-time, Kubernetes