Cybersecurity and Secrets Management in Kubernetes: A Deep Learning-Assisted Framework for Modern DevSecOps
DOI: https://doi.org/10.46610/IJDTNSS.2025.v01i02.002
Keywords: Deep learning, DevSecOps, Kubernetes, Monitoring agent, Secrets management, Security
Abstract
Kubernetes has become the industry standard for container orchestration, allowing scalable deployment, automation, and management of microservices. However, its native secrets management is not designed for high-security workloads: it stores secrets as base64-encoded strings in etcd, without encryption by default, leaving them vulnerable to unauthorized access. This paper introduces an intelligent, AI-driven framework to secure the entire lifecycle of Kubernetes secrets. The proposed system integrates a Secrets Store Interface that supports Kubernetes-native secrets, HashiCorp Vault, and Bitnami Sealed Secrets, alongside a custom monitoring agent deployed as a DaemonSet across clusters. This agent captures access patterns, including time, frequency, service account, and pod association. These features are normalized and processed through a Long Short-Term Memory (LSTM) neural network that detects behavioral anomalies indicating potential misuse of secrets. To enforce compliance and organizational policies, the framework uses Open Policy Agent (OPA) with Gatekeeper to dynamically validate access against predefined Rego policies. These policies include constraints based on pod labels, namespaces, and service identities, enabling fine-grained control and real-time violation alerts. Through extensive experimentation across simulated DevSecOps environments, the system demonstrated 94% accuracy in anomaly detection and reduced unauthorized secret-access incidents by 83%. This approach enhances both proactive and reactive security measures in CI/CD pipelines and multi-tenant clusters. By combining AI-based anomaly detection with policy-as-code enforcement, this study lays a foundation for scalable and adaptive secrets governance in Kubernetes, addressing a critical gap in container security.
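As an added illustration (not code from the paper), the following Python turns secret-access events of the kind the abstract's DaemonSet agent collects into normalized feature windows of the shape an LSTM consumes, and scores them with a simple heuristic standing in for the trained model. The event fields, the 60-minute default gap for a first access, the window size and the scoring rule are assumptions of this example.

```python
import math
from collections import defaultdict
from datetime import datetime
# Constructed events (timestamp, namespace, service account, pod, secret); not real data.
EVENTS = [
    ("2025-03-01T09:00:00", "payments", "api", "api-7f", "db-creds"),
    ("2025-03-01T09:30:00", "payments", "api", "api-9c", "db-creds"),
    ("2025-03-01T10:00:00", "payments", "api", "api-7f", "db-creds"),
    ("2025-03-01T10:30:00", "payments", "api", "api-9c", "db-creds"),
    ("2025-03-01T11:00:00", "payments", "api", "api-7f", "db-creds"),
    ("2025-03-02T03:00:00", "payments", "api", "shell-1", "db-creds"),  # unseen pod, at night,
    ("2025-03-02T03:00:10", "payments", "api", "shell-1", "db-creds"),  # reading the secret
    ("2025-03-02T03:00:20", "payments", "api", "shell-1", "db-creds"),  # every ten seconds
]

def featurize(events):
    """One row per event, every value in [-1, 1]: time of day as a cyclic pair,
    log-compressed gap since the same (namespace, account, secret) was last read
    (0 = burst, 1 = a day or more), and 1.0 if the pod is new for that account."""
    rows, last_seen, pods = [], {}, defaultdict(set)
    for ts, ns, sa, pod, secret in sorted(events):  # ISO timestamps sort correctly
        t = datetime.fromisoformat(ts)
        key = (ns, sa, secret)
        gap = (t - last_seen[key]).total_seconds() / 60 if key in last_seen else 60.0
        last_seen[key] = t
        hour = t.hour + t.minute / 60
        rows.append([math.sin(2 * math.pi * hour / 24),
                     math.cos(2 * math.pi * hour / 24),
                     min(math.log1p(gap) / math.log1p(1440), 1.0),
                     1.0 if pod not in pods[sa] else 0.0])
        pods[sa].add(pod)
    return rows

def windows(rows, size=3):
    """Overlapping sequences of `size` steps; each one is an LSTM input sample."""
    return [rows[i:i + size] for i in range(len(rows) - size + 1)]

def burst_score(window):
    """Heuristic stand-in for the trained LSTM: rises with tightly spaced reads, pods
    not seen before for the account, and night-time access (cos > 0.5 is roughly
    20:00-04:00). Early windows read high on the pod flag because no history exists yet."""
    n = len(window)
    tight = sum(1 - r[2] for r in window) / n
    new_pod = sum(r[3] for r in window) / n
    night = sum(1 for r in window if r[1] > 0.5) / n
    return (tight + new_pod + night) / 3

def rank_windows(events, size=3):
    """Score every window of the event stream; the largest values are alert candidates."""
    return [burst_score(w) for w in windows(featurize(events), size)]
```

In the sample stream, the final window (the night-time burst from the previously unseen pod) scores highest, which is the pattern a policy such as "alert when an unknown pod reads a secret outside business hours" would surface.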