Visible to the public Implementing a Method for Docker Image Security

TitleImplementing a Method for Docker Image Security
Publication TypeConference Paper
Year of Publication2021
AuthorsŞengül, Özkan, Özkılıçaslan, Hasan, Arda, Emrecan, Yavanoğlu, Uraz, Dogru, Ibrahim Alper, Selçuk, Ali Aydın
Conference Name2021 International Conference on Information Security and Cryptology (ISCTURKEY)
Date Publisheddec
Keywordscomposability, Containers, cryptography, cyber physical systems, docker container security, docker image security, dynamic analysis, Information security, Malware, pubcrawl, resilience, Resiliency, static analysis, telecommunication traffic, virtual machine security, virtualization
AbstractContainers that can be easily created, transported and scaled with the use of container-based virtualization technologies work better than classical virtualization technologies and provide efficient resource usage. The Docker platform is one of the most widely used solutions among container-based virtualization technologies. The OS-level virtualization of the Docker platform and the container's use of the host operating system kernel may cause security problems. In this study, a method including static and dynamic analysis has been proposed to ensure Docker image and container security. In the static analysis phase of the method, the packages of the images are scanned for vulnerabilities and malware. In the dynamic analysis phase, Docker containers are run for a certain period of time, after the open port scanning, network traffic is analyzed with the Snort3. Seven Docker images are analyzed and the results are shared.
DOI10.1109/ISCTURKEY53027.2021.9654383
Citation Keysengul_implementing_2021