Rule-Based Security Monitoring of Containerized Environments
dc.contributor.author | Gantikow, H | |
dc.contributor.author | Reich, C | |
dc.contributor.author | Knahl, M | |
dc.contributor.author | Clarke, Nathan | |
dc.date.accessioned | 2020-07-07T14:32:59Z | |
dc.date.available | 2020-07-07T14:32:59Z | |
dc.date.issued | 2020-06-04 | |
dc.identifier.isbn | 9783030494315 | |
dc.identifier.uri | http://hdl.handle.net/10026.1/15847 | |
dc.description.abstract |
Containers have to be secured in a multi-tenant environment. To secure the use of containerized environments, the effectiveness of a rule-based security monitoring approach have been investigated. The approach of this paper can be used to detect a wide range of potentially malicious behaviour of workloads in containerized environments. Additionally is able to monitor the actual container runtime for misuse and misconfiguration. In order to evaluate the detection capabilities of the open-source tools utilized in a container, various scenarios of undesired behaviour are closely examined. In addition, the performance overhead and functional limitations associated with workload monitoring are discussed. The proposed approach is effective in many of the scenarios examined and its performance overhead is adequate, if appropriate event filtering is applied. | |
dc.format.extent | 66-86 | |
dc.language.iso | en | |
dc.publisher | Springer International Publishing | |
dc.relation.ispartof | Cloud Computing and Services Science 9th International Conference, CLOSER 2019, Heraklion, Crete, Greece, May 2–4, 2019, Revised Selected Papers | |
dc.title | Rule-Based Security Monitoring of Containerized Environments | |
dc.type | chapter | |
plymouth.volume | 1218 CCIS | |
plymouth.publication-status | Published | |
plymouth.series | Communications in Computer and Information Science (CCIS, volume 1218) | |
dc.identifier.doi | 10.1007/978-3-030-49432-2_4 | |
plymouth.organisational-group | /Plymouth | |
plymouth.organisational-group | /Plymouth/Faculty of Science and Engineering | |
plymouth.organisational-group | /Plymouth/Faculty of Science and Engineering/School of Engineering, Computing and Mathematics | |
plymouth.organisational-group | /Plymouth/REF 2021 Researchers by UoA | |
plymouth.organisational-group | /Plymouth/REF 2021 Researchers by UoA/UoA11 Computer Science and Informatics | |
plymouth.organisational-group | /Plymouth/Users by role | |
plymouth.organisational-group | /Plymouth/Users by role/Academics | |
dc.rights.embargoperiod | Not known | |
rioxxterms.versionofrecord | 10.1007/978-3-030-49432-2_4 | |
rioxxterms.licenseref.uri | http://www.rioxx.net/licenses/all-rights-reserved | |
rioxxterms.type | Book chapter |