- 1Cyber Resilience Laboratory, Division of Information Science, Nara Institute of Science and Technology, Ikoma - Nara, Japan
- 2Computer and Networking Laboratory, Information Technology Faculty, Andalas University, Padang, Indonesia
- 3Department of Computer Science, Angelo State University, San Angelo, TX, United States
Securing cloud-native infrastructures that integrate Multi-Factor Authentication (MFA) via FIDO2, container orchestration with Kubernetes, and Dockerized microservices remains a complex challenge due to interdependent vulnerabilities and escalating adversarial threats. To address this, we propose a web-based cybersecurity framework that combines Fuzzy Analytical Hierarchy Process (Fuzzy AHP), Domain Mapping Matrix (DMM), and fuzzy inference to perform multi-attribute risk assessment tailored to containerized environments. The method involves aggregating expert judgments to prioritize six key CIA-AAN criteria-Confidentiality, Integrity, Availability, Authentication, Authorization, and Non-repudiation-followed by structural complexity quantification using DMM enhanced with Singular Value Decomposition. These are then fused into a Complexity Resilience Index and used in a fuzzy logic system that incorporates CVE-derived indicators such as base score, impact, and exploitability. When applied to five real-world adversarial techniques, the framework produced differentiated risk outcomes: Data Destruction and Resource Hijacking emerged as High-Level Risks with scores of 70.47 and 74.60 respectively, while Endpoint DOS, Network DOS, and Inhibit System Recovery were classified as Medium-Level Risks. These results illustrate how layered threat propagation and component interdependence increase vulnerability in FIDO2-integrated orchestration settings. Compared to conventional frameworks like EBIOS and NIST RMF, our approach offers enhanced granularity in quantifying risk and simulating threat propagation. By enabling practitioners to understand not only which adversarial activities are most damaging but also why, this framework empowers more informed and proactive cybersecurity decisions-bridging the gap between technical risk modeling and real-world defense planning.
1 Introduction
Cloud computing has transformed how services are developed, deployed, and managed. It enables automation, scalability, and continuous delivery pipelines, allowing organizations to respond quickly to business and user needs (Jun, 2017). As a result, the cloud-native market, valued at USD 794.1 million in 2021, is projected to reach USD 9,621.39 million by 2031 (Business Insight, 2023). A core enabler of this growth is the cloud-native paradigm, which emphasizes modularity and portability.
Application components are independently packaged and deployed across heterogeneous infrastructures, promoting agility and efficient resource utilization. Containerization plays a central role in supporting this modular architecture by delivering lightweight, portable services. At scale, container orchestration platforms such as Docker Swarm, Kubernetes, and Apache Mesos automate deployment, replication, failover, and system scaling (Lee et al., 2021). Security in distributed and dynamic environments depends heavily on reliable access control mechanisms. Multi-Factor Authentication (MFA) has emerged as an essential layer of defense for cloud-native systems. Among existing standards, FIDO2 has gained adoption as a passwordless authentication protocol that eliminates shared secrets and mitigates phishing risks (FIDO, 2022; Ghorbani Lyastani et al., 2020). It supports secure authentication across web and non-web services. However, integrating FIDO2 with orchestration systems such as Kubernetes introduces complex vulnerabilities. Internal misconfigurations and software inconsistencies, combined with the growing reliance on third-party services, increase the likelihood of exposure to multi-dimensional threats (Grimes, 2020).
This study introduces a prioritization strategy for security properties through the modified fuzzy analytical hierarchy process (fuzzy AHP). The method handles uncertainty by aggregating expert judgment and assigning fuzzy weights to the CIA-AAN criteria: Confidentiality, Integrity, Availability, Authentication, Authorization, and Non-repudiation (Bhol et al., 2023; Taleby Ahvanooey et al., 2023; Ogundoyin and Kamil, 2020). These properties require a unified perspective. Isolated emphasis on usability or confidentiality alone can result in system vulnerabilities. Authentication establishes identity (Kim et al., 2020), authorization defines access through RBAC (Zahoor et al., 2023), and non-repudiation ensures user accountability (Schiavone et al., 2016).
The architectural security dimension is captured using the Domain Mapping Matrix (DMM), which models interdependencies among components, interfaces, and system layers. This matrix, combined with Singular Value Decomposition (SVD), allows structural complexity in FIDO2-integrated environments to be measured quantitatively (Sinha et al., 2014). Results from this complexity analysis are then integrated with the security priority weights from modified Fuzzy AHP, forming a novel metric: the Complexity Resilience Index.
Risk levels are assessed using fuzzy logic, which incorporates the complexity resilience index, and real-world CVE data such as impact, base score, and exploitability. Fuzzy inference rules support evaluation under uncertain or incomplete data conditions, offering dynamic and context-aware risk assessments (Outkin et al., 2023; Blaise and Rebecchi, 2022; Gao et al., 2019).
Traditional risk assessment methods often fail to capture such complexity. For example, EBIOS Risk Manager (de la Sécurité des Systémes d'Information, 2019) provides structured analysis but focuses primarily on external threats, lacking integration with architectural dependencies or empirical threat intelligence. Moreover, frameworks like EBIOS do not define thresholds for acceptable risk and rely heavily on generalized mitigation actions. Similar limitations exist in recent literature (Wong et al., 2023; Sultan et al., 2019), where qualitative mitigation evaluations are rarely linked to actionable, data-driven insights.
The proposed framework addresses these gaps by combining expert-based decision-making, structural complexity modeling, and threat intelligence within a unified, multi-attribute risk assessment model. It supports FIDO2, Kubernetes, and Docker environments and is implemented as a web-based simulation tool. Practitioners can use this platform to explore attack scenarios, assess evolving risks, and test mitigation strategies in real time. By aligning theoretical models with operational demands, the framework supports more informed and adaptive cybersecurity decisions.
1.1 Motivation
Risk assessment in cloud-native security remains an unresolved challenge, particularly when dealing with technologies like FIDO2-based MFA, Kubernetes, and Docker. Existing frameworks often rely on general scoring models, static weights, or loosely structured matrices to evaluate critical system properties such as confidentiality, integrity, and availability. These methods struggle to produce consistent prioritization, especially when expert judgment varies or when evaluations involve user-centered concepts like authentication, authorization, and non-repudiation. Without a clear structure, organizations struggle to set effective security priorities.
Beyond this, current approaches such as de la Sécurité des Systémes d'Information (2019) fail to account for the structural complexity of modern architectures. Asset relationships, interface exposures, and dependency layers are rarely quantified in existing assessments, even though these structural elements often influence how vulnerabilities manifest in real systems. Despite the growing adoption of DevOps and orchestration tools in production, there remains a disconnect between best practice guidelines and how architectural complexity impacts risk exposure and the effectiveness of implemented controls.
A similar issue exists in how mitigation strategies are planned and executed. Security controls are often applied as qualitative, and guided by checklist-based practices (Wong et al., 2023; Sultan et al., 2019). There is rarely a structured method to assess how layered defenses, such as detection, mitigation, and prevention, work in combination to reduce residual risk. In time-sensitive or resource-constrained environments, this often results in inconsistent decisions and suboptimal allocation of security investments. What remains lacking is a systematic and quantifiable approach to align threat exposure, system architecture, and control effectiveness, so that mitigation planning becomes both defensible and operationally effective.
1.2 Novelty
This paper introduces a novel, multi-attribute risk assessment framework for cloud-native security. It integrates:
• Modified fuzzy AHP: We incorporate basic AHP into pairwise comparison by aggregating the mean of all experts' central consensus judgments using the Saaty scale, followed by fuzzification to compute the normalized value. Existing Fuzzy AHP, like (Chang, 1996), computes fuzzy synthetic extents per expert, then compares fuzzy values using the degree of possibility.
• Domain mapping matrix: We correlate industry best practices and asset provision of Kubernetes, Docker, and FIDO2 for MFA in a cloud computing environment using singular value decomposition to determine structural complexity metrics: components, interfaces, and architecture. To our knowledge, no cybersecurity studies have modeled structural complexity using Domain Mapping Matrix or SVD, despite its use in systems engineering (Sheard and Mostashari, 2009).
• CISSP-based risk reduction with SAFe scaling: This study proposes a risk reduction strategy from the CISSP principle of layered defense—detection, mitigation, and prevention—each contributing incrementally to lowering residual risk (Chapple et al., 2018). To operationalize this concept, the approach adopts the Scaled Agile Framework's (SAFe) Weighted Shortest Job First (WSJF) model (Knaster and Leffingwell, 2020), applying tiered effectiveness weights of 5%, 3%, and 1% to reflect the cumulative impact of layered controls in prioritizing cybersecurity mitigation efforts.
1.3 Contribution
This study provides three primary contributions:
1. Complexity resilience index: we formulate a novel index that fuses structural complexity metrics from domain mapping (components, interfaces, architecture) with modified Fuzzy AHP-based CIA-AAN prioritization to quantify system resilience.
2. Fuzzy logic-based risk assessment using real-world threat intelligence: we apply fuzzy logic to combine the complexity resilience index with CVE-based threat metrics (impact, base score, exploitability) for five adversarial techniques—data destruction, endpoint denial of service, network denial of service, inhibit system recovery, and resource hijacking.
3. Web-based implementation: we deploy the core framework as an interactive, web-based tool to facilitate practitioners' adoption. The platform allows users to conduct what-if simulations and visualize changes in risk levels based on varying structural and threat inputs.
We divide this paper into seven (7) sections. Section 2 provides related prior research. Section 3 explains the assets domain and adversarial techniques. Section 4 discusses methodology. Section 5 presents the proposed multi-attribute risk assessment activities in detail. Section 6 discusses the comparative analysis of risk evaluation techniques, the impacts of adversarial methods, and the framework's limitations. The paper concludes with future research directions in Section 7.
2 Related prior research
This section presents prior research on multi-factor authentication (MFA) security, container orchestration security, fuzzy logic, risk assessment-based methodology, and mitigation strategies.
2.1 Multi-factor authentication security
A paper from Derhab et al. (2020) studies the security of the proposed architecture. It also evaluates a two-factor mutual authentication protocol for mobile cloud computing. Using MFA can spot early signs of compromise. It can find hacked accounts using advanced logs. Logs show that users who authenticate may decline or time out during the second phase of the method, per (Henricks and Kettani, 2020). This can trigger specific security rules and brief the analyst on the incident. According to Pöhn et al. (2023), security flaws are not always in MFA mechanisms themselves. This highlights social engineering as a critical next concern. An adversary could take advantage of this to conduct malicious activities.
2.2 Container orchestration security
The deployment of Kubernetes in large-scale systems like Netflix and Uber demonstrates its ability to manage extensive container ecosystems. It also highlights security vulnerabilities requiring thorough risk assessments (Nguyen, 2023). While our previous work (Hersyah et al., 2023) proposed a multi-dimensional risk assessment for Docker containers in IaaS environments using tools like AHP, ISO 27K, and MITRE (Adversarial Tactics, Techniques, and Common Knowledge) ATT&CK, it had limitations, including on Docker assets, inadequate guidance on resource limits, and a lack of real-world Kubernetes attack scenarios. Papers Mostajeran et al. (2017) and Blaise and Rebecchi (2022) further explore containerized platform risks and Helm Chart deployments, identifying vulnerabilities but lacking systematic methodologies and comprehensive Kubernetes threats. Additionally, Minna et al. (2021); Cao et al. (2022) examine Kubernetes networking and security abstractions but fall short in detailed risk profiling. Building on these findings, our study aims to develop a holistic multi-attribute risk assessment framework.
2.3 Fuzzy logic
The work in Flavia and Chelliah (2023) proposed an optimized, fuzzy logic-based method. It aims to create an anonymous identity and authenticate users. This would allow them to exchange data securely within P2P cloud environments. By addressing CIA-AAN, we seek a holistic approach. We will consider multiple facets of the foundation of cybersecurity. Alali et al. (2018) proposes using a Fuzzy Inference Model (FIS) to assess risk. It should consider four factors: vulnerability, threat, likelihood, and impact. The paper lacks detail on adversarial tactics, which this paper will cover. Insights from Haripriya and Kulothungan (2019) propose a novel IDS, Secure-MQTT, for MQTT-based IoT. It uses fuzzy logic to find any malicious devices. We use real-world data from MITRE ATT&CK to test attacks and their countermeasures.
2.4 Risk assessment-based methodology
EBIOS risk manager (de la Sécurité des Systémes d'Information, 2019) only offers a limited description of assets and risk scenarios. In this paper, we propose improvements by combining the complexity resilience index and detailed CVE metrics for better risk determination. We also explained detailed mitigation controls. Paper (Wu et al., 2023) introduces a risk assessment model using a Gini coefficient-based, evidence-reasoning approach rooted in Dempster-Shafer theory. The model addresses essential risk factors for cloud service providers integrating with diverse entities. However, its framework requires alignment with the advancements in Huang et al. (2024) to ensure its relevance against evolving cyber threats and dynamic business environments. Additionally, Casola et al. (2024) and Mills et al. (2023) propose a secure software development method tailored to modern DevOps pipelines, demonstrating its feasibility through a microservice application case study. Building on these works, our paper emphasizes the need for a comprehensive, multi-attribute risk assessment to enhance secure development methodologies.
2.5 Mitigation strategies
Recent studies show that most of the existing mitigation attempts for containers have drawbacks. For example, the Linux-based mitigation strategies used in containers, such as groups, namespaces, and capabilities, are prone to attacks due to resource exploitation, denials of services, and privilege escalation (Gao et al., 2019). Investigation from Wong et al. (2023); Dissanayaka et al. (2020) offers existing mitigation strategies and their limitations in a qualitative approach. A study from Devi Priya et al. (2023) proposing mitigation strategies from the DREAD threat modeling framework. A study from Koksal et al. (2024) attempts to conduct mitigation limited to DDoS attacks in container-based cloud environments using Kubernetes. We improve the mitigation efforts from the beginning of the paper by implementing a domain mapping matrix to ensure compliance with industry best practices and by demonstrating more attack vectors based on adversarial techniques and measurable quantitative efforts to reduce the risk scale from each impact.
3 Assets domain and adversarial techniques
A unified framework categorizes assets by their traits, limits, complexity, and sensitivity. This aids in systematic evaluations, as suggested by Kure et al. (2022); Assump cão et al. (2022). Figure 1 shows our main contribution to the paper's multi-attribute risk assessment. We adopted a methodology that employs modified fuzzy AHP, domain mapping matrix, and fuzzy logic. It improves the SSDE (Security SLA-based Security-by-Design Development) methodology by Casola et al. (2024).
3.1 Assets domain
The determination of system characterization begins with its asset identification. We enhance the provision of comprehensive asset descriptions based on previous publications (Hersyah et al., 2023; Blaise and Rebecchi, 2022). This paper identifies 5 (five) minimum assets and components that compose the basic foundation of MFA and AWS-labeled container orchestration utilization.
1. MFA and authentication assets: AWS Identity and Access Management (IAM) is the foundation. It configures MFA users, groups, roles, and permissions to ensure controlled access. AWS Cognito complements this. It enables user pool integration and offers risk scoring and verification. IAM users link to hardware or virtual MFA devices.
2. Kubernetes assets: include Amazon Elastic Kubernetes Service (EKS) clusters as the master components, AWS EC2 or Fargate as worker nodes, and AWS Elastic Block Store (EBS) for scalable, high-performance block storage.
3. Docker container assets: Include Amazon ECR for storing, managing, and deploying Docker images. Also, AWS CodeBuild is used to compile code, run tests, and produce deployable software.
4. Cloud infrastructure assets: include AWS Virtual Private Cloud (VPC) for isolating resources, subnets, and security groups for network segmentation and access control, and AWS Key Management Service (KMS) for encrypting data at rest and in transit. CloudTrail and CloudWatch support monitoring. They capture logs from Kubernetes, Docker, and other services. Load balancers like ALB and NLB manage traffic. AWS Route 53 is a DNS service that routes traffic to apps and services.
5. Compliance and governance assets: include AWS Config for monitoring resource configurations and ensuring compliance with defined rules, and AWS Security Hub for providing a centralized view of security best practices and compliance status across AWS accounts to detect.
3.2 Adversarial techniques
MFA, container engines, and orchestrators have exploitable flaws. Their reliance on software and hardware layers adds modularity. But it creates new attack surfaces. Critical security issues often arise from internal threats (Mahavaishnavi et al., 2024), misconfigurations (Renaud et al., 2024), and interdependencies (Bracke et al., 2024), leading to vulnerabilities that adversaries leverage to target deployed applications. We categorize adversarial techniques in Section 5.2 to evaluate these vulnerabilities. We analyze their actions using MITRE ATT&CK (MITRE Corporation, 2024). It is a framework that maps adversarial tactics and techniques from initial access to impact. The following details describe the adversarial techniques and their corresponding groups.
1. Data destruction - adversarial group: APT38: stemming from unauthorized external access or internal threats. Vulnerabilities include inadequate MFA, misconfigured Kubernetes, and insecure Docker images. These interdependencies can lead to data loss and business disruption.
2. Endpoint denial of service - adversarial group: sandworm team: malicious attacks involve using exposed APIs, unpatched Kubernetes or Docker software, and misconfigurations in service dependencies. resulting in operational downtime and potential loss of customer trust.
3. Network denial of service - adversarial group: APT28: exploiting weak network security, misconfigured policies, and interdependent systems in containerized environments. These attacks disrupt services and may result in revenue loss.
4. Inhibit system recovery - adversarial group: wizard spider: stemming from internal threats that conduct ransomware. Vulnerabilities and interdependencies arise from compromised container images and weak backup plans. They cause major financial losses, data loss, and high recovery costs.
5. Resource hijacking - adversarial group: TeamTNT: involving unauthorized use of cloud resources for malicious activities like cryptocurrency mining. Vulnerabilities include insecure Docker containers, weak Kubernetes authentication, and interdependent resource management systems. They lead to higher costs, lower performance, and compliance issues.
4 Methodology
This section explains the Modified Fuzzy AHP, Domain Mapping Matrix, and Fuzzy Logic. The Modified Fuzzy AHP is used to rank security priorities based on multiple criteria. The Domain Mapping Matrix identifies relationships between asset domains and aligns them with best practices. Fuzzy Logic is then applied to calculate the overall risk level.
4.1 Modified fuzzy AHP
Zadeh introduced fuzzy set theory in 1965 (Zadeh, 1965), laying the foundation for this technique, which is further explained in Emrouznejad and Ho (2017), where the integration of fuzzy logic into decision-making frameworks such as the Analytic Hierarchy Process (AHP) enables handling of uncertainty and vagueness in human judgments. In this study, we adopt and modify the Fuzzy AHP method developed by Chang (1996). We engaged four certified professionals in cloud security and container orchestration. Each expert was asked to conduct a pairwise comparison of the six CIA-AAN criteria using Saaty's 1–9 fundamental scale. To synthesize these individual judgments, we applied the Aggregated Mean Approach (Forman and Peniwati, 1998), and the arithmetic mean of each corresponding pairwise element across the expert matrices was calculated. This method, a standard form of Aggregation of Individual Judgments (AIJ), yields a central consensus matrix that reflects the collective view of the expert group (Tran et al., 2024). It ensures that no single expert dominates the evaluation and simplifies the fuzzification process.
Let:
• be the pairwise comparison matrix provided by expert k, where is the judgment of criterion i relative to criterion j from expert k.
• n is the number of criteria (e.g., 6 for CIA-AAN).
• K is the number of experts (e.g., 4 in this study).
Then, the consensus matrix A = [āij] is computed as follows:
That is, each element of the consensus matrix is the arithmetic mean of all experts' judgments for the corresponding pairwise comparison:
After forming the consensus matrix, we applied Triangular Fuzzy Numbers (TFNs) to reflect the inherent uncertainty in expert judgments, as shown in Figure 2.
Step1: After using the fuzzy number operational laws, a fuzzy pairwise comparison matrix is given:
Step 2: The fuzzy geometric mean value , for each criterion i is computed as
Step 3: The fuzzy weight for each criterion i is calculated as
Step 4: The technique is resumed by conducting de-fuzzification by formulating the center of Area (CoA)
Step 5: The normalized weight vector to compute all components is = 1 (one).
4.2 Domain mapping matrix
We use a Domain mapping matrix (Maurer and Lindemann, 2008) to map elements between assets (MFA, Docker, and Kubernetes) and their best practices. It is a (l, m) rectangular binary adjacency matrix, where each entry indicates whether a specific best practice is applicable to a given asset.
4.3 Fuzzy logic and Fuzzy Inference System description
Fuzzy Logic, implemented through a Fuzzy Inference System (FIS), provides a structured approach for reasoning under uncertainty and imprecision. This study employs the skfuzzy library (Warner, 2022) in Python to develop the FIS. The typical process involves four main stages (Geramian et al., 2019):
4.3.1 Fuzzification stage
In the fuzzification stage, precise input values are translated into fuzzy values. These fuzzy values are grouped into categories like low, medium, high, and very high. Each category is represented using a shape called a membership function (MF), which helps determine how strongly a value belongs to that category. Common shapes include triangular, trapezoidal, and Gaussian. In this study, we use trapezoidal membership functions, defined as:
4.3.2 Fuzzy rule base stage
The Fuzzy Rule Base defines the relationship between input and output variables in this stage. Rules are expressed in an if-then format, where the antecedent (if part) describes the input conditions, and the consequent (then part) specifies the corresponding output action. Logical operators such as AND and OR combine the antecedent terms. These operators are mathematically represented as:
• AND operation (Minimum method): is used to model the intersection of fuzzy sets, where the membership degree of the combined condition is determined by taking the minimum value.
• OR operation (Maximum method): is used to model the union of fuzzy sets, where the membership degree of the combined condition is determined by taking the maximum value.
• Combined use of AND and OR in rules
In Fuzzy Logic rules, AND and OR operators are often combined to handle complex relationships and shows flexibility. For example, consider the following rule:
This rule uses both OR and AND operations:
4.3.3 Fuzzy inference and aggregation stage
In this stage, the defined rules are evaluated using the fuzzified input values, and the results are aggregated. Rule evaluation uses methods like the above mentioned methods, such as the AND and OR operations. After all rules are evaluated, their results are aggregated. Aggregation methods commonly used include:
• Maximum method:
4.3.4 Defuzzification stage
Finally, the aggregated output is defuzzified to obtain a crisp value. This is where fuzzy logic principles are translated into a precise numerical output. In this study, the discrete centroid method is employed:
5 Proposed multi-attribute risk assessment
This section demonstrates the calculation stepwise of the proposed multi-attribute risk assessment described in Figure 1 as a proofing concept toward the contributions in Section 1.
5.1 Asset based assessment methods
5.1.1 Modified Fuzzy AHP
We structured the Fuzzy AHP process step by step in Section 4.1, beginning with the collection of objective expert judgments from four certified Kubernetes professionals. The detailed responses are provided in Supplementary Tables S4–S8. The aggregation of these expert inputs into consensus values is formalized in Equation 1, while the construction of the aggregated pairwise comparison matrix is outlined in Equation 2. The final comparison matrix evaluating the CIA-AAN security elements is presented in Table 1.
In the fuzzification process, crisp values from the traditional AHP scale (e.g., 1 to 9) were converted into triangular fuzzy numbers. For instance, a value of 1 was transformed into the fuzzy number (1,1,1), while a value of 4 was mapped to (3,4,5). Similarly, reciprocal values, such as 1/4, were converted into (1/5,1/4,1/3). We constructed the CIA-AAN fuzzy pairwise comparison matrix based on the judgments and applied fuzzification, using Equation 3, displayed in Table 2.
We computed geometric mean of each object element using Equation 4 displayed in Table 3:
We further compute by adding each row of Calculation Result of lower bound (0.714+0.728+0.858+0.693+0.953+0.890), Calculation Result of middle bound (0.849+0.934+1.069+0.890+1.177+1.122), and Calculation Result of upper bound (1.049+1.164+1.371+1.200+1.399+1.348), resulting the geometric mean value in 4.836, 6.041, and 7.531.
The next step is determining each criterion's fuzzy weight and Center of Area (CoA). We formulate the Fuzzy weight by multiplying the Calculation Result from Table 3 and the reciprocal values of the Geometric mean value (7.531, 6.041, 4.836), based on Equation 5. We compute defuzzification by formulating the Center of Area (CoA) using Equation 6 to give a crisp value. It is the average of its lower, middle, and upper parameters of the Fuzzy Weight, displayed in Table 4.
Finally, We get the normalized value from each criterion using the Equation 7 in Table 5. The normalized values of CIA-AAN serve as the security properties rank, which we will incorporate later with structural complexity to propose the complexity resilience index.
5.1.2 Domain mapping matrix
We assemble a domain mapping matrix as explained in Section 4.2 to improve the EBIOS risk manager. It maps assets to their best practices to describe structural complexity. It will assess asset value by comparing the assets with the FIDO2 best practices for MFA and the OWASP best practices for Kubernetes, Docker, and Cloud Computing (FIDO, 2022; OWASP, 2024c,b,a). We implement the Domain Mapping Matrix by adhering to Equation 8 in Table 6. The articulation assets consist of MFA and container orchestration in cloud environments. They total 16 in the column axis. We map them to 31 best practices from FIDO2 and OWASP in the row axis. These details include MFA, Kubernetes, Docker, and Cloud Computing best practices. We assign a value of 1 for a direct correlation between an asset and its best practices. In the absence of any identified direct relationship, we assign a value of 0.
We apply Singular Value Decomposition (Σ), which reduces data dimensionality and generalizes the eigen decomposition for mxn matrix. It does this by extending the polar decomposition. It can be applied to multi-attribute risk assessment. Where Σ is an m×n diagonal matrix. It contains the singular values of A with a stretch nature, in 31 x 16. Only the first 16 rows would have non-zero values in the matrix's columns. The singular values, σi, come from the eigenvalues of ATA (or AAT, depending on the dimensions). The singular values are the square roots of these eigenvalues, which are defined as follows:
where λi are the eigenvalues of ATA (or AAT). The Singular Value of A is given by:
where Σ1, Σ2, …, Σn are the singular values. These are non-negative and are typically arranged in descending order. The formulation of singular value is as follows:
We referenced paper Sheard and Mostashari (2009) and Sinha and Suh (2018) to calculate structural complexity metrics, which consist of components, interfaces, and architecture. Based on this, we proposed a complexity resilience index using the proposed Equations 17–20.
5.1.3 Structural complexity 1: components
This aspect is related to component engineering. The singular value decomposition formula gives us the singular values of the 16 assets: 9.2498, 5.2087, 3.7101, 2.5898, 2.4903, 2.0203, 1.4057, 1.3579, 1.1421, 0.9265, 0.6504, 0.3867, 0.0000, 0.0000, 0.0000, 0.0000. And for a variable c defined as the sum of the first k singular values from the domain mapping matrix:
This represents the accumulation of singular values that contribute to the component metric of structural complexity. The sum of the singular values is given by:
5.1.4 Structural complexity 2: interfaces
The second aspect is related to interface design and management, which is the cumulative term that explains interaction complexity βij between components, which we expressed as the following formula:
The cumulative sum from the domain mapping matrix, which we can find in the last row of Table 6, is the total of the granular assets score, which is given by:
5.1.5 Structural complexity 3: architecture
The last aspect is related to the system integration effort to address the architecture topology metric, which we expressed in the following formula:
The architecture metric can be obtained as follows:
5.1.6 Complexity resilience index determination
We propose the complexity resilience index by formulating linear computation between the structural complexity metrics (component, interface, and architecture) and the normalized values of CIA-AAN from the modified fuzzy AHP in Table 5.
1. Component with availability and non-repudiation: these tools provide operations to manage and scale applications across diverse environments. Emphasizing availability ensures the app works well and is always accessible. It also minimizes downtime (Alahmad et al., 2019). Also, non-repudiation means logging all system actions. This includes container deployments and Kubernetes changes. It provides undeniable accountability (Truyen et al., 2020).
2. Interface with integrity, authentication, and authorization: data in systems built with Docker and Kubernetes must be trustworthy and unchanged. So, we must maintain its integrity as it moves through interfaces. This setup uses FIDO2 to strengthen authentication. It ensures that only verified users and services can access the system. Authorization defines what authenticated users can do. It controls resource access based on policies (Kudo et al., 2021; Bánáti et al., 2018).
3. Architecture with confidentiality: confidentiality protects private, sensitive information from unauthorized access (Seifermann et al., 2019). This approach uses strong encryption and secure access controls. They protect sensitive data at rest and in transit.
To calculate the complexity resilience index score, we propose the following linear computation based on the security attributes assigned to each complexity aspect:
We adopt the Cyclomatic Complexity Metric as defined by McCabe (McCabe, 1976), which is widely used to evaluate ranges of software complexity:
• 1 – 10: Simple procedure
• 11 – 20: Medium Procedure
• 21 – 50: Complex Procedure
• > 50: Untestable code
We computed all Equations from 17 to 20 to obtain proposed complexity resilience index scores.
5.2 Adversarial technique-based assessment methods
This subsection examines adversarial techniques discussed in Section 3.2. These techniques are organized within adversarial tactics that contain methods from external and internal threats, misconfigurations, and interdependencies targeting vulnerabilities in these systems. The evaluation focuses on the CVE's impact, base score, and exploitability associated with five critical techniques identified in the MITRE ATT&CK framework (MITRE Corporation, 2024): Data Destruction (T1485), Endpoint Denial of Service (DoS) (T1499), Inhibit System Recovery (T1490), Network Denial of Service (DoS) (T1498), and Resource Hijacking (T1496). These techniques span multiple stages of adversarial tactics, from initial access to impact, and are particularly critical due to their potential to disrupt FIDO2 for MFA and container orchestration systems in cloud environments. The analysis uses a stacked bar chart to show the CVE metrics. It highlights the impact (blue), base score (green), and exploitability (red).
5.2.1 Data destruction—adversarial group APT38
The APT38 group (MITRE ATT&CK, 2024b) uses CVE-2023-23192 to bypass authentication, which internal threats can also abuse. Misconfigurations, such as those associated with CVE-2023-28842, arise during phases like Execution–Deploy Container, where improperly secured configurations enable adversaries to deploy malicious containers. Interdependency issues, exemplified by CVE-2022-29179, often occur in the Privilege Escalation–Escape to Host phase, where weak interconnections between containerized environments and host systems are illustrated in Figure 3. These vulnerabilities result in an average impact score of 4.9, a base score of 6.9, and an exploitability score of 1.9.
5.2.2 Endpoint of denial services—adversarial group sandworm team
The Sandworm's cyber threat level, as outlined in MITRE ATT&CK (2024a). Sandworm employs CVE-2023-24619 for MFA interception and leveraging container orchestration vulnerabilities. Misconfigurations associated with CVE-2023-37480 are exploited during the Container Discovery phase, where inadequate configurations allow adversaries to exploit containerized environments. Interdependency issues, highlighted by CVE-2021-25746, occur during the Privilege Escalation–Stole Credentials phase, where weak interactions between containerized systems and authentication mechanisms enable unauthorized credential access. Figure 4 shows the impact of 4.2, base score of 6.5, and exploitability score of 2.0.
5.2.3 Network denial of service—adversarial group APT28
Figure 5 examines the APT28 as outline in MITRE ATT&CK (2024a). This group used CVE-2023-52105 to bypass authentication. They also used CVE-2023-30610 to intercept MFA. These attacks targeted the authentication. Misconfigurations associated with CVE-2022-24829 were exploited during the Initial Access–Exploit Public Application phase, allowing attackers to compromise application environments. Interdependency issues linked to CVE-2018-9057 were identified in the Discovery–Container and Resource Discovery phase, where adversaries leveraged weak dependencies within containerized systems. Their average impact, base score, and exploitability: 3.7, 6.3, and 2.2.
5.2.4 Inhibit system recovery—adversarial group wizard spider
The Spider group, as noted in MITRE ATT&CK (2024d), uses methods like LSASS memory dumping CVE-2022-37977 and Pass the Hash CVE-2022-25166 to break authentication. Misconfigurations like CVE-2024-40720 were exploited during the Defense Evasion–Modify Registry phase, where attackers altered critical registry settings to evade detection. Interdependency issues, linked to CVE-2021-36934, are observed during the Impact-Inhibit system Recovery phase, where weak system recovery protocols allow adversaries to disable recovery functions. Internal threats can also play a role in these issues. Figure 6 shows the average impact, base score, and exploitability of these tactics as 4.0, 6.4, and 3.1.
5.2.5 Resource hijacking–adversarial group TeamTNT
The TeamTNT, as outlined in MITRE ATT&CK (2024c), leveraged account manipulation tactics to disrupt authentication using CVE-2023-41333. Misconfigurations, such as those associated with CVE-2024-5165, were identified during the Execution–Malicious Image phase, where attackers deployed unauthorized container images to execute malicious operations. Interdependency issues linked to CVE-2019-10200 were observed during the Discovery–Container Discovery phase, enabling attackers to exploit weak dependencies in containerized environments. We display in Figure 7 regarding impact, base score, and exploitability. It gave average values of 4.8, 7.5, and 2.4 from TeamTNT.
We demonstrated adversarial tactics and techniques in exploiting FIDO2 for MFA and container orchestration vulnerabilities from initial activity to impact, where existing risk assessment frameworks, such as the EBIOS risk manager, only assume external attacks while overlooking factors such as internal threats, misconfigurations, and interdependencies, which significantly amplify vulnerabilities. Quantitative metrics from the National Vulnerability Database (NVD) are used to evaluate by averaging impact, base score, and exploitability scores derived from Common Vulnerabilities and Exposures (CVE) (Booth et al., 2013), as an improvement over prior studies from Devi Priya et al. (2023), Wong et al. (2023), Mills et al. (2023), and Yosifova et al. (2021). The following subsection details how fuzzy logic harmonizes these metrics with the complexity resilience index, enabling risk level determination and mitigation strategies.
5.3 Risk level determination
Fuzzy logic, as explained in Section 4.3, is a key component of our multi-attribute risk assessment framework, implemented using the skfuzzy library in Python (Warner, 2022). By processing uncertain conditions with adaptive input criteria and flexible rules, fuzzy logic dynamically models imprecise and incomplete data to determine risk levels. It is a control system for managing complex processes. Table 7 shows membership functions for input and output variables for the fuzzification stage. These fuzzy inputs are then processed using rule evaluation in Table 8. We aggregate the results to produce a fuzzy output. Finally, defuzzification converts the fuzzy results into a crisp risk value. It contributes to mitigation activities in section 5.4.
5.3.1 Fuzzification
We use trapezoidal according to Section 4.3.1. Table 7 and Figure 8 outline the degree of membership functions for input and output variables for a fuzzy logic-based multi-attribute risk assessment. The variables include Complexity resilience index, Impact, Base score, Exploitability, and Risk level.
5.3.2 Fuzzy inference system
We show the flexibility of fuzzy rules through the skfuzzy library to define combinations of AND and OR operators within rules using Python's programming logical operators, according to Section 4.3.2 in Table 8, and contemplate maximum method as outlined in Section 4.3.3, reflected in Figure 9.
The following risk level and score determination is composed according to ISO 31000 (International Organization for Standardization, 2018).
• Critical level: Extreme chaos, scores between 90–100.
• High level: consider inspection and resolution, scores between 70–89.0.
• Medium level: Analyze after addressing high and critical risk, scores between 40–69.0.
• Low level: Minimal danger to intellectual property and infrastructure, scores between 0–39.0.
5.3.3 Defuzzification–risk assessment
We use a discrete centroid for defuzzification as outlined in Section 4.3.4. We are referencing the complexity resilience index, impacts, base score, and exploitability from Figures 3–7. The risk assessment results are obtained as explained in Figure 10.

Figure 10. Risk assessment result. (a) Data destruction, (b) Endpoint DoS, (c) Network Dos, (d) Inhibit system recovery, (e) Resource hijacking.
Table 9 presents a multi-attribute risk assessment based on fuzzy logic, comprehensively analyzing five adversarial techniques. Data destruction and resource hijacking were identified as the highest-risk attacks among the evaluated techniques, scoring 70.47 and 74.60, respectively. These scores are categorized as “High” risk, reflecting their significant potential consequences. This underscores the urgent need for robust and proactive mitigation strategies, as these threats could cause extensive damage to critical systems without effective countermeasures. In contrast, threats such as Endpoint Denial of Service (DoS), Network DoS, and Inhibit System Recovery were classified as “Medium” risks, with scores of 59.56, 55.44, and 57.45, respectively. Although these threats can cause substantial disruptions, their lower scores suggest reduced consequences. Nevertheless, they still require attention, as their potential to degrade system performance and availability necessitates ongoing monitoring and appropriate security measures.
The following subsection outlines detailed control activities across detection, mitigation, and prevention layers to address these identified risks.
5.4 Risk mitigation and reduction activities
While traditional cloud risk assessments such as Tanimoto et al. (2014) quantify risk across asset, threat, and vulnerability dimensions, they often apply static values to mitigation efforts without accounting for the depth or layering of controls. In contrast, this study introduces a quantitative model that evaluates risk reduction based on the cumulative effectiveness of layered safeguards. The strategies in Tables 10–14 describe specific control actions arranged into three important layers: detection, mitigation, and prevention. This layered approach follows the principle from the Certified Information Systems Security Professional (CISSP) framework (Chapple et al., 2018), which defines residual risk as the total risk minus the effect of safeguards that are in place. To estimate how much risk is reduced, we assign effectiveness values depending on how many layers are applied. When all three layers are implemented, the effectiveness factor is set at 5%. If only two layers are used, this drops to 3%, and if only one is active, it reduces further to 1%. If no controls are used, the risk remains unchanged. These values reflect each layer's relative contribution to lowering risk.
This method aligns with the prioritization logic in the Scaled Agile Framework (SAFe) (Knaster and Leffingwell, 2020), specifically the Weighted Shortest Job First (WSJF) model, which includes risk reduction as a key factor when deciding which actions should be prioritized. The reduction in risk is calculated using the following Equations 21, 22:
In these equations, Rcurrent is the risk before applying any controls, E is the effectiveness factor based on the number of layers, and ΔRstage is the amount of risk reduced. The result, Rafter, shows the remaining risk after controls are applied. By repeating this calculation across stages, the model supports a gradual and measurable path toward acceptable risk levels.
6 Discussion
This section will discuss the comparison between the proposed multi-risk assessment with NIST Risk Management Framework (RMF) (NIST, 2012) and E-Bios Risk Manager (de la Sécurité des Systémes d'Information, 2019), and also discuss the five impacts of adversarial techniques and the limitations of the proposed multi-attribute risk assessment framework. Table 15 describes the comparisons.
1. Data destruction: Adversaries may delete or overwrite data to disrupt services in cloud environments by targeting snapshots and backups. Our framework quantifies the severity of data destruction, enabling prioritization of recovery efforts. Mitigation strategies include, but are not limited to, backup policies, real-time anomaly detection, and monitoring of container and file creation.
2. Endpoint Denial of Service (DoS): Endpoint DoS targets specific layers of the application stack, such as operating systems, servers, databases, and web applications. These attacks exploit flaws to exhaust resources or crash systems. Mitigation strategies include, but are not limited to, geo-blocking, monitoring API logs, and filtering traffic. We also monitor account events and permissions.
3. Network Denial of Service (DoS): Network DoS attacks flood bandwidth, paralyzing website access, email, and MFA systems. These attacks can disrupt critical container orchestration pipelines and hinder cloud-based applications. Mitigation strategies include, but are not limited to, developing network security policies, monitoring user authentication and unusual data flow, filtering traffic, and maintaining system availability.
4. Inhibit system recovery: Adversaries may disable recovery tools, delete backups, or erase version histories. These include volume shadow copies and automated repair features. Mitigation strategies include but are not limited to a zero-trust policy, monitoring for suspicious use of docker commands, executing commands that may exfiltrate data to cloud storage, and redundancy protocols.
5. Resource hijacking: Adversaries may exploit compromised systems that use many resources to conduct cryptocurrency mining to degrade performance. The framework prioritizes Resource Hijacking as the highest risk. It informs targeted mitigation strategies, including but not limited to enhanced monitoring and analysis of traffic patterns and packet inspection and logs for suspicious container deployments that use excessive resource usage to determine anomalous activities.
Although the proposed multi-attribute risk assessment framework offers practical enhancements over traditional models, several limitations remain. Firstly, the current expert judgment model assumes equal weighting among all experts, without accounting for differences in professional experience, specialization, or confidence levels. While this simplifies aggregation and aligns with Chang's fuzzy AHP methodology, it may overlook nuances in expert credibility that could refine decision outcomes. Incorporating expert weighting using the Delphi technique in future iterations may improve the reliability of aggregated judgments.
Secondly, the domain mapping matrix lacks granularity for detailed analysis, which currently uses a binary representation (1 for correlation, 0 for no correlation) to quantify the relationship between assets and best practices. Given the evolving sophistication of cybersecurity requirements, we plan to enhance the web-based tool for more comprehensive numerical representations.
Thirdly, the framework's risk reduction output depends on the inclusion of detection, mitigation, and prevention activities. While assigning fixed effectiveness weights (5%, 3%, and 1%), inspired by CISSP's layered defense principle and the Scaled Agile Framework's prioritization logic, offers a structured basis for quantifying control impact, it assumes linear and independent contributions from each layer. This simplification may not reflect the interdependencies between controls in dynamic threat environments, especially when novel adversarial tactics bypass known defenses, resulting in a potential 0% reduction. To address this, future work should consider applying fuzzy scoring to represent control effectiveness, allowing for gradual transitions, uncertainty, and overlapping impacts among detection, mitigation, and prevention activities. Treating the framework as an adaptive system through threat intelligence (e.g., MITRE ATT&CK) and feedback from practitioners would enhance its responsiveness.
7 Conclusion and future work
We present a multi-attribute risk assessment framework through a three-step approach to address critical challenges in securing FIDO2-enabled Multi-Factor Authentication (MFA) and AWS-labeled container orchestration in cloud environments. To the best of our knowledge, no prior work has explored this specific integration. First, the framework introduces a Complexity Resilience Index, which combines objective expert judgments from a modified Fuzzy AHP process to prioritize CIA and AAN security properties, alongside a domain mapping matrix to quantify system complexity across components, interfaces, and architecture. This mapping aligns security properties with three structural levels: availability and non-repudiation at the component level, integrity, authentication, and authorization at the interface level, and confidentiality at the architectural level. Second, fuzzy logic integrates the Complexity Resilience Index with CVE metrics: impact, base score, and exploitability, enabling risk prioritization under uncertainty. Third, the entire framework is deployed as an interactive, publicly available web-based tool to support practitioner adoption. The implementation source code is shared via GitHub, as referenced in the Availability of Source Code section.
Unlike existing frameworks, such as the EBIOS Risk Manager, which often rely on subjective and approximate assessments, our framework directly addresses the complexity inherent in cloud-native systems by aligning asset provisioning with domain best practices. It dynamically maps structural and adversarial threat metrics to help prioritize critical threats, such as resource hijacking and data destruction, thereby delivering evidence-based decisions for more targeted mitigation. This empowers organizations to respond proactively to evolving risks while considering often-overlooked vulnerabilities such as internal threats, configuration errors, and architectural interdependencies. Through adaptive input criteria and flexible rule-based inference, the framework enhances cybersecurity posture by guiding mitigation strategies that remain effective across detection, mitigation, and prevention layers. It also leverages MITRE ATT&CK intelligence to ensure that control decisions remain relevant to real-world adversarial tactics.
Looking ahead, we plan to expand the framework with a cost-benefit analysis module to quantify the operational costs and benefits of asset provision and mitigation actions. This will help define defensible mitigation timelines and support resource allocation based on cost-efficiency. We also intend to conduct testbed-based evaluations and run cybersecurity training programs using the web-based tool, allowing practitioners to validate the model's effectiveness in realistic scenarios. These efforts aim to ensure both theoretical soundness and practical applicability for securing cloud-native infrastructures.
Data availability statement
Publicly available datasets were analyzed in this study. This data can be found here: https://github.com/udahafeez7/public_cybersecurityexercise.git.
Author contributions
MHH: Writing – original draft, Writing – review & editing. MDH: Conceptualization, Data curation, Formal analysis, Investigation, Methodology, Supervision, Validation, Visualization, Writing – review & editing. YT: Conceptualization, Data curation, Formal analysis, Investigation, Methodology, Project administration, Resources, Software, Supervision, Validation, Visualization, Writing – review & editing. YK: Conceptualization, Data curation, Formal analysis, Funding acquisition, Investigation, Methodology, Project administration, Resources, Software, Supervision, Validation, Visualization, Writing – review & editing.
Funding
The author(s) declare that financial support was received for the research and/or publication of this article. This study was funded by the ICSCoE Core Human Resources Development Program Japan.
Acknowledgments
This work is supported by the Laboratory of Cyber Resilience, Information Science Division, Nara Institute of Science and Technology, Japan.
Conflict of interest
The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.
Generative AI statement
The author(s) declare that no Gen AI was used in the creation of this manuscript.
Publisher's note
All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article, or claim that may be made by its manufacturer, is not guaranteed or endorsed by the publisher.
Supplementary material
The Supplementary Material for this article can be found online at: https://www.frontiersin.org/articles/10.3389/fcomp.2025.1557918/full#supplementary-material
References
Alahmad, Y., Daradkeh, T., and Agarwal, A. (2019). “Optimized availability-aware component scheduler for applications in container-based cloud,” in 2019 Sixth International Conference on Software Defined Systems (SDS), 194–199. doi: 10.1109/SDS.2019.8768654
Alali, M., Almogren, A., Hassan, M. M., Rassan, I. A., and Bhuiyan, M. Z. A. (2018). Improving risk assessment model of cyber security using fuzzy logic inference system. Comput. Secur. 74, 323–339. doi: 10.1016/j.cose.2017.09.011
Assump cão, P., Oliveira, C., Ortiz, P., Melo, W., and Carmo, L. (2022). “A secure cloud-based architecture for monitoring cyber-physical critical infrastructures,” in 2022 6th Cyber Security in Networking Conference (CSNet), 1–7. doi: 10.1109/CSNet56116.2022.9955607
Bánáti, A., Kail, E., Karóczkai, K., and Kozlovszky, M. (2018). “Authentication and authorization orchestrator for microservice-based software architectures,” in 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 1180–1184. doi: 10.23919/MIPRO.2018.8400214
Bhol, S. G., Mohanty, J., and Pattnaik, P. K. (2023). Taxonomy of cyber security metrics to measure strength of cyber security. Mater. Today 80, 2274–2279. doi: 10.1016/j.matpr.2021.06.228
Blaise, A., and Rebecchi, F. (2022). “Stay at the helm: secure kubernetes deployments via graph generation and attack reconstruction,” in 2022 IEEE 15th International Conference on Cloud Computing (CLOUD), 59–69. doi: 10.1109/CLOUD55607.2022.00022
Bracke, V., Santos, J., Wauters, T., De Turck, F., and Volckaert, B. (2024). A multiobjective metaheuristic-based container consolidation model for cloud application performance improvement. J. Netw. Syst. Manag. 32:61. doi: 10.1007/s10922-024-09835-7
Business Insight (2023). Containers as a service market size, share | 2024 to 2031. Available online at: https://www.businessresearchinsights.com/market-reports/containers-as-a-service-market-106392 (Accessed October 23, 2024).
Cao, C., Blaise, A., Verwer, S., and Rebecchi, F. (2022). “Learning state machines to monitor and detect anomalies on a kubernetes cluster,” in Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES '22 (New York, NY, USA: Association for Computing Machinery). doi: 10.1145/3538969.3543810
Casola, V., De Benedictis, A., Mazzocca, C., and Orbinato, V. (2024). Secure software development and testing: a model-based methodology. Comput. Secur. 137:103639. doi: 10.1016/j.cose.2023.103639
Chang, D.-Y. (1996). Applications of the extent analysis method on fuzzy ahp. Eur. J. Oper. Res. 95, 649–655. doi: 10.1016/0377-2217(95)00300-2
Chapple, M., Stewart, J. M., and Gibson, D. (2018). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. SYBEX Inc., USA, 8th edition.
de la Sécurité des Systémes d'Information, A. N. (2019). La méthode ebios risk manager—le guide. Technical Report ANSSI-PA-048-EN, Agence Nationale de la Sécurité des Systémes d'Information, Paris, France.
Derhab, A., Belaoued, M., Guerroumi, M., and Khan, F. A. (2020). Two-factor mutual authentication offloading for mobile cloud computing. IEEE Access 8, 28956–28969. doi: 10.1109/ACCESS.2020.2971024
Devi Priya, V. S., Sethuraman, S. C., and Khan, M. K. (2023). Container security: precaution levels, mitigation strategies, and research perspectives. Comput. Secur. 135:103490. doi: 10.1016/j.cose.2023.103490
Dissanayaka, A. M., Mengel, S., Gittner, L., and Khan, H. (2020). “Vulnerability prioritization, root cause analysis, and mitigation of secure data analytic framework implemented with Mongodb on singularity linux containers,” in Proceedings of the 2020 4th International Conference on Compute and Data Analysis, 58–66. doi: 10.1145/3388142.3388168
FIDO (2022). Fast identity online. Available online at: https://fidoalliance.org/wp-content/uploads/2022/03/FIDO-White-Paper-Choosing-FIDO-Authenticators-for-Enterprise-Use-Cases-RD10-2022.03.01.pdf (accessed November 18, 2024).
Flavia, B. J., and Chelliah, B. J. (2023). Artificial lizard search optimized fuzzy logic approach to addressing authentication and data security challenges in p2p cloud environments. Comput. Secur. 135:103475. doi: 10.1016/j.cose.2023.103475
Forman, E., and Peniwati, K. (1998). Aggregating individual judgments and priorities with the analytic hierarchy process. Eur. J. Oper. Res. 108, 165–169. doi: 10.1016/S0377-2217(97)00244-0
Gao, X., Gu, Z., Li, Z., Jamjoom, H., and Wang, C. (2019). “Houdini's escape: breaking the resource rein of linux control groups,” in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 1073–1086. doi: 10.1145/3319535.3354227
Geramian, A., Abraham, A., and Ahmadi Nozari, M. (2019). Fuzzy logic-based FMEA robust design: a quantitative approach for robustness against groupthink in group/team decision-making. Int. J. Prod. Res. 57, 1331–1344. doi: 10.1080/00207543.2018.1471236
Ghorbani Lyastani, S., Schilling, M., Neumayr, M., Backes, M., and Bugiel, S. (2020). “Is fido2 the kingslayer of user authentication? A comparative usability study of fido2 passwordless authentication,” in 2020 IEEE Symposium on Security and Privacy (SP), 268–285. doi: 10.1109/SP40000.2020.00047
Grimes, R. A. (2020). Hacking Multifactor Authentication. New York: John Wiley &Sons. doi: 10.1002/9781119672357
Haripriya, A. P., and Kulothungan, K. (2019). Secure-MQTT: an efficient fuzzy logic-based approach to detect dos attack in MQTT protocol for internet of things. EURASIP J. Wirel. Commun. Netw. 2019:90. doi: 10.1186/s13638-019-1402-8
Henricks, A., and Kettani, H. (2020). “On data protection using multi-factor authentication,” in Proceedings of the 2019 International Conference on Information System and System Management, ISSM 2019 (New York, NY, USA: Association for Computing Machinery), 1–4. doi: 10.1145/3394788.3394789
Hersyah, M. H., Hossain, M. D., Taenaka, Y., and Kadobayashi, Y. (2023). “A risk assessment study: encircling docker container assets on IAAS cloud computing topology,” in 2023 6th Conference on Cloud and Internet of Things (CIoT), 225–230. doi: 10.1109/CIoT57267.2023.10084910
Huang, H., Sun, B., and Hu, L. (2024). A task offloading approach based on risk assessment to mitigate edge DDOS attacks. Comput. Secur. 140:103789. doi: 10.1016/j.cose.2024.103789
International Organization for Standardization (2018). Risk Management—Guidelines. ISO, Geneva, Switzerland: ISO 31000, 2018.
Jun, Z. (2017). A security architecture for cloud computing alliance. Recent Adv. Electr. Electr. Eng. 10, 195–201. doi: 10.2174/2352096510666170601091846
Kim, H., Lee, D., and Ryou, J. (2020). “User authentication method using fido based password management for smart energy environment,” in 2020 International Conference on Data Mining Workshops (ICDMW), 707–710. doi: 10.1109/ICDMW51313.2020.00100
Knaster, R., and Leffingwell, D. (2020). SAFe 5.0 Distilled: Achieving Business Agility with the Scaled Agile Framework. Boston: Addison-Wesley Professional.
Koksal, S., Catak, F. O., and Dalveren, Y. (2024). Flexible and lightweight mitigation framework for distributed denial-of-service attacks in container-based edge networks using kubernetes. IEEE Access 12, 172980–172991. doi: 10.1109/ACCESS.2024.3501192
Kudo, R., Kitahara, H., Gajananan, K., and Watanabe, Y. (2021). “Integrity protection for kubernetes resource based on digital signature,” in 2021 IEEE 14th International Conference on Cloud Computing (CLOUD), 288–296. doi: 10.1109/CLOUD53861.2021.00042
Kure, H. I., Islam, S., Ghazanfar, M., Raza, A., and Pasha, M. (2022). Asset criticality and risk prediction for an effective cybersecurity risk management of cyber-physical system. Neural Comput. Applic. 34, 493–514. doi: 10.1007/s00521-021-06400-0
Lee, J.-B., Yoo, T.-H., Lee, E.-H., Hwang, B.-H., Ahn, S.-W., and Cho, C.-H. (2021). High-performance software load balancer for cloud-native architecture. IEEE Access 9, 123704–123716. doi: 10.1109/ACCESS.2021.3108801
Mahavaishnavi, V., Saminathan, R., and Prithviraj, R. (2024). Secure container orchestration: a framework for detecting and mitigating orchestrator-level vulnerabilities. Multimed. Tools Appl. 84, 18351–18371. doi: 10.1007/s11042-024-19613-x
Maurer, M., and Lindemann, U. (2008). “The application of the multiple-domain matrix: Considering multiple domains and dependency types in complex product design,” in 2008 IEEE International Conference on Systems, Man and Cybernetics, 2487–2493. doi: 10.1109/ICSMC.2008.4811669
McCabe, T. (1976). A complexity measure. IEEE Trans. Softw. Eng. SE-2, 308–320. doi: 10.1109/TSE.1976.233837
Mills, A., White, J., and Legg, P. (2023). Longitudinal risk-based security assessment of docker software container images. Comput. Secur. 135:103478. doi: 10.1016/j.cose.2023.103478
Minna, F., Blaise, A., Rebecchi, F., Chandrasekaran, B., and Massacci, F. (2021). Understanding the security implications of kubernetes networking. IEEE Secur. Priv. 19, 46–56. doi: 10.1109/MSEC.2021.3094726
MITRE ATT&CK. (2024a). Apt28 (sandworm team) - russian cyber espionage group. Available online at: https://attack.mitre.org/groups/G0034/ (accessed May 18, 2024).
MITRE ATT&CK. (2024b). Apt38 - north korean cyber threat group. Available online at: https://attack.mitre.org/groups/G0082/ (accessed November 18, 2024).
MITRE ATT&CK. (2024c). Teamtnt - cloud-focused cyber threat group. Available online at: https://attack.mitre.org/groups/G0139/ (accessed May 18, 2024).
MITRE ATT&CK. (2024d). Wizardspider - cybercrime group focused on financial operations. Available online at: https://attack.mitre.org/groups/G0102/ (accessed May 18, 2024).
MITRE Corporation (2024). MITRE ATT&CK Framework for Containers. Available online at: https://attack.mitre.org/matrices/enterprise/containers/ (accessed September 22, 2024).
Mostajeran, E., Mydin, M. N. M., Khalid, M. F., Ismail, B. I., Kandan, R., and Hoe, O. H. (2017). “Quantitative risk assessment of container based cloud platform,” in 2017 IEEE Conference on Application, Information and Network Security (AINS), 19–24. doi: 10.1109/AINS.2017.8270418
NIST (2012). NIST SP 800-37 Revision 1 Guide for Applying the Risk Management Framework to Federal Information Systems. Scotts Valley, CA: CreateSpace.
Ogundoyin, S. O., and Kamil, I. A. (2020). A fuzzy-ahp based prioritization of trust criteria in fog computing services. Appl. Soft Comput. 97:106789. doi: 10.1016/j.asoc.2020.106789
Outkin, A. V., Schulz, P. V., Schulz, T., Tarman, T. D., and Pinar, A. (2023). Defender policy evaluation and resource allocation with MITRE ATT&CK evaluations data. IEEE Trans. Depend. Secure Comput. 20, 1909–1926. doi: 10.1109/TDSC.2022.3165624
OWASP (2024a). Cloud architecture security cheat sheet. Available online at: https://cheatsheetseries.owasp.org/cheatsheets/Secure_Cloud_Architecture_Cheat_Sheet.html (accessed May 20, 2024).
OWASP (2024b). Docker security cheat sheet. Available online at: https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html (accessed May 20, 2024).
OWASP (2024c). Kubernetes security cheat sheet. Available online at: https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html (accessed May 20, 2024).
Pöhn, D., Gruschka, N., Ziegler, L., and Büttner, A. (2023). A framework for analyzing authentication risks in account networks. Comput. Secur. 135:103515. doi: 10.1016/j.cose.2023.103515
Renaud, K., Warkentin, M., Pogrebna, G., and van der Schyff, K. (2024). Vista: an inclusive insider threat taxonomy, with mitigation strategies. Inf. Manag. 61:103877. doi: 10.1016/j.im.2023.103877
Schiavone, E., Ceccarelli, A., and Bondavalli, A. (2016). “Continuous authentication and non-repudiation for the security of critical systems,” in 2016 IEEE 35th Symposium on Reliable Distributed Systems (SRDS), 207–208. doi: 10.1109/SRDS.2016.033
Seifermann, S., Heinrich, R., and Reussner, R. (2019). “Data-driven software architecture for analyzing confidentiality,” in 2019 IEEE International Conference on Software Architecture (ICSA), 1–10. doi: 10.1109/ICSA.2019.00009
Sheard, S. A., and Mostashari, A. (2009). Principles of complex systems for systems engineering. Syst. Eng. 12, 295–311. doi: 10.1002/sys.20124
Sinha, K. (2014). Structural complexity and its implications for design of cyber-physical systems. PhD thesis, Massachusetts Institute of Technology.
Sinha, K., and Suh, E. S. (2018). Pareto-optimization of complex system architecture for structural complexity and modularity. Res. Eng. Design 29, 123–141. doi: 10.1007/s00163-017-0260-9
Sultan, S., Ahmad, I., and Dimitriou, T. (2019). Container security: issues, challenges, and the road ahead. IEEE Access 7, 52976–52996. doi: 10.1109/ACCESS.2019.2911732
Taleby Ahvanooey, M., Zhu, M. X., Ou, S., Dana Mazraeh, H., Mazurczyk, W., Choo, K.-K. R., et al. (2023). Afpr-am: a novel fuzzy-AHP based privacy risk assessment model for strategic information management of social media platforms. Comput. Secur. 130:103263. doi: 10.1016/j.cose.2023.103263
Tanimoto, S., Sato, R., Kato, K., Iwashita, M., Seki, Y., Sato, H., et al. (2014). “A study of risk assessment quantification in cloud computing,” in 2014 17th International Conference on Network-Based Information Systems, 426–431. doi: 10.1109/NBiS.2014.11
Tran, T. N. T., Felfernig, A., and Le, V. M. (2024). An overview of consensus models for group decision-making and group recommender systems. User Model. User-Adapt. Interact. 34, 489–547. doi: 10.1007/s11257-023-09380-z
Truyen, E., Kratzke, N., Van Landuyt, D., Lagaisse, B., and Joosen, W. (2020). Managing feature compatibility in kubernetes: vendor comparison and analysis. IEEE Access 8, 228420–228439. doi: 10.1109/ACCESS.2020.3045768
Warner, J. S. (2022). scikit-fuzzy: Fuzzy logic toolbox for python. Available online at: https://pypi.org/project/scikit-fuzzy/ (accessed November 02, 2024).
Wong, A. Y., Chekole, E. G., Ochoa, M., and Zhou, J. (2023). On the security of containers: Threat modeling, attack analysis, and mitigation strategies. Comput. Secur. 128:103140. doi: 10.1016/j.cose.2023.103140
Wu, H., Wu, Y., and Zhang, J. (2023). Risk assessment modeling with application in the accounting cloud-service industry. Expert Syst. Appl. 229:120526. doi: 10.1016/j.eswa.2023.120526
Yosifova, V., Tasheva, A., and Trifonov, R. (2021). “Predicting vulnerability type in common vulnerabilities and exposures (cve) database with machine learning classifiers,” in 2021 12th National Conference with International Participation (ELECTRONICA) (IEEE), 1–6. doi: 10.1109/ELECTRONICA52725.2021.9513723
Keywords: MFA, Docker, Kubernetes, fuzzy logic, multi-attribute risk assessment, cloud computing
Citation: Hafiz Hersyah M, Hossain MD, Taenaka Y and Kadobayashi Y (2025) Fuzzyfortify: a multi-attribute risk assessment for multi-factor authentication and cloud container orchestration. Front. Comput. Sci. 7:1557918. doi: 10.3389/fcomp.2025.1557918
Received: 09 January 2025; Accepted: 16 June 2025;
Published: 07 July 2025.
Edited by:
Silvio Ranise, University of Trento, ItalyCopyright © 2025 Hafiz Hersyah, Hossain, Taenaka and Kadobayashi. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.
*Correspondence: Mohammad Hafiz Hersyah, bW9oYW1tYWQuaGFmaXpfaGVyc3lhaC5tYzRAaXMubmFpc3QuanA=