期刊文献+

DAVS:Dockerfile Analysis for Container Image Vulnerability Scanning

下载PDF
导出
摘要 Container technology plays an essential role in many Information and Communications Technology(ICT)systems.However,containers face a diversity of threats caused by vulnerable packages within container images.Previous vulnerability scanning solutions for container images are inadequate.These solutions entirely depend on the information extracted from package managers.As a result,packages installed directly from the source code compilation,or packages downloaded from the repository,etc.,are ignored.We introduce DAVS–A Dockerfile analysis-based vulnerability scanning framework for OCI-based container images to deal with the limitations of existing solutions.DAVS performs static analysis using file extraction based on Dockerfile information to obtain the list of Potentially Vulnerable Files(PVFs).The PVFs are then scanned to figure out the vulnerabilities in the target container image.The experimental shows the outperform of DAVS on detecting Common Vulnerabilities and Exposures(CVE)of 10 known vulnerable images compared to Clair–the most popular container image scanning project.Moreover,DAVS found that 68%of real-world container images are vulnerable from different image registries.
出处 《Computers, Materials & Continua》 SCIE EI 2022年第7期1699-1711,共13页 计算机、材料和连续体(英文)
基金 supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea Government(MSIT)(No.2020-0-00952) Development of 5G edge security technology for ensuring 5G+service stability and availability.
  • 相关文献

参考文献1

二级参考文献1

共引文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部