An Empirical Analysis of IDS Approaches in Container Security

2022-01-01
Sever, Yiğit
Ekinci, Goktug
Dogan, Adnan Harun
Alparslan, Bugra
Gurbuz, Abdurrahman Said
Jabrayilov, Vahab
Angın, Pelin
Microservices architecture has been praised in recent years as a lightweight, modular and robust alternative to monolithic software, with software containerization bringing parallel ideas to the table against bare-metal and even virtual-machine-based software deployment solutions. While containers provide support for agile software development in the cloud, they suffer from security issues because their lightweight structure does not provide isolation as strong as that of virtual machines. This calls for the development of robust intrusion detection systems (IDS) for containers, taking into account their specific vulnerabilities. Existing IDS for containerized software deployments have mainly used host-based syscall monitoring, with only a few utilizing network-based monitoring, and without justification for the particular sensor used. In this paper, we aim to close this research gap by empirically evaluating the performance of system-call-based and network-flow-based features in machine-learning-based intrusion detection for containers when subjected to the same attacks. Our results show that basing the IDS on the network layer exhibits better performance than the host-based IDS for the investigated vulnerabilities, demonstrating the need for network monitoring for enhanced container security.
International Workshop on Secure and Reliable Microservices and Containers (SRMC)

Citation Formats
Y. Sever et al., “An Empirical Analysis of IDS Approaches in Container Security,” presented at the International Workshop on Secure and Reliable Microservices and Containers (SRMC), Vienna, Austria, 2022, Accessed: 00, 2023. [Online]. Available: https://hdl.handle.net/11511/102175.