Abstract
The steady development of container technology has provided an effective lightweight solution for cloud-native application deployment. At the same time, container escape attacks have become the most serious threat to container runtime security, and no measure currently exists with broad enough coverage to detect most container escape techniques and threats. Addressing the Docker container escape problem faced by production environments, this paper studies and designs a host-based container escape attack detection model, DCEA (Detect Container Escape Attacks). It monitors and evaluates container workloads comprehensively both before and after they go live, covering container security vulnerability detection, dangerous configuration detection, threat behavior detection, and spatial trusted detection, with the aim of improving the ability to prevent and discover container escape attacks and to safeguard container runtime security.
Author
SU Tong (Fuzhou University Zhicheng College, Fuzhou, Fujian 350001)
Source
Software (《软件》), 2023, No. 2, pp. 174-178 (5 pages)
Keywords
information security; container; escape attack; threat detection