Title | Implementing a Method for Docker Image Security |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Şengül, Özkan, Özkılıçaslan, Hasan, Arda, Emrecan, Yavanoğlu, Uraz, Dogru, Ibrahim Alper, Selçuk, Ali Aydın |
Conference Name | 2021 International Conference on Information Security and Cryptology (ISCTURKEY) |
Date Published | dec |
Keywords | composability, Containers, cryptography, cyber physical systems, docker container security, docker image security, dynamic analysis, Information security, Malware, pubcrawl, resilience, Resiliency, static analysis, telecommunication traffic, virtual machine security, virtualization |
Abstract | Containers that can be easily created, transported and scaled with the use of container-based virtualization technologies work better than classical virtualization technologies and provide efficient resource usage. The Docker platform is one of the most widely used solutions among container-based virtualization technologies. The OS-level virtualization of the Docker platform and the container's use of the host operating system kernel may cause security problems. In this study, a method including static and dynamic analysis has been proposed to ensure Docker image and container security. In the static analysis phase of the method, the packages of the images are scanned for vulnerabilities and malware. In the dynamic analysis phase, Docker containers are run for a certain period of time, after the open port scanning, network traffic is analyzed with the Snort3. Seven Docker images are analyzed and the results are shared. |
DOI | 10.1109/ISCTURKEY53027.2021.9654383 |
Citation Key | sengul_implementing_2021 |