Rule-based Security Monitoring of Containerized Workloads

Thumbnail
View/Open
Date
2019
Author
Gantikow, H
Reich, C
Knahl, M
Clarke, Nathan cc
Subject
Container Virtualization
 
Docker
 
Security
 
Monitoring
 
Anomalous Behavior
 
System Call Tracing
 

Metadata
Show full item record
Abstract

In order to further support the secure operation of containerized environments and to extend already established security measures, we propose a rule-based security monitoring, which can be used for the detection of a variety of misuse and attacks. The capabilities of the open-source tools used to monitor containers are closely examined and the possibility of detecting undesired behavior is evaluated on the basis of various scenarios. Further, the limits of the approach taken and the associated performance overhead will be discussed. The results show that the proposed approach is effective in many scenarios and comes at a low performance overhead cost.

URI
http://hdl.handle.net/10026.1/20462
DOI
Collections
Publisher
SCITEPRESS - Science and Technology Publications
Journal
Proceedings of the 9th International Conference on Cloud Computing and Services Science
Pagination
543-550
Conference name
9th International Conference on Cloud Computing and Services Science
Start date
2019-05-02
Finish date
2019-05-04
Author URL
Recommended, similar items

The following license files are associated with this item:

All items in PEARL are protected by copyright law.
Author manuscripts deposited to comply with open access mandates are made available in accordance with publisher policies. Please cite only the published version using the details provided on the item record or document. In the absence of an open licence (e.g. Creative Commons), permissions for further reuse of content should be sought from the publisher or author.
PEARL Guides and Policies | PEARL Reports | Contact Us | Send Feedback | Admin Login
Theme by 
Atmire NV