A NOVEL CONTAINER ATTACKS DATA SET FOR INTRUSION DETECTION

Download
2022-5-17
Oğur, Hale Bera
Recent years have witnessed a rapid increase in the use of the cloud, and especially the container technology, which is very convenient to use in the cloud environment due to its ability to deploy microservices quickly and easily. A number of studies have been carried out on the security of this technology since the day it started to be used. However, ensuring inclusive security is still a critical need. As containers are a relatively new technology, it is essential to discover their security vulnerabilities by testing them with continuous and up-to-date attacks to develop effective defense systems. Today, machine learning-based intrusion detection and prevention systems are an effective option for securing many platforms including containers. The major issue with these approaches is the need for appropriate and comprehensive labelled data sets, which is a common problem in any machine learning-based study. In this thesis, we describe a novel public container attacks data set we have created for machine-learning based intrusion detection, which focuses on container attacks extracted from the Common Vulnerabilities and Exposures (CVE) platform for the period 2019-2022. The data set comprises attacks simulated on vulnerable container images deployed in a Kubernetes orchestration environment. We believe the data set will be instrumental for advancing intrusion detection research and practice for containers, which will be increasingly widespread in the years to come.

Suggestions

A secure model for efficient live migration of containers
Mavus, Zeynep; Angın, Pelin (2019-09-01)
Cloud services have become increasingly widespread in the past decade due to their ability to reduce the complexity and the cost of managing computers and networks. Cloud applications are run in virtualized environments such as virtual machines and containers to be able to allocate resources in an inexpensive manner. Both of these approaches require effective resource utilization, for which an important enabling technology is live migration, which involves moving a service from one host to another with the ...
An End-to-End Security Auditing Approach for Service Oriented Architectures
AZARMİ, Mehdi; BHARGAVA, Bharat; Angın, Pelin; RANCHAL, Rohit; AHMED, Norman; SİNCLAİR, Asher; LİNDERMAN, Mark; BEN OTHMANE, Lotfi (2012-10-11)
Service-Oriented Architecture (SOA) is becoming a major paradigm for distributed application development in the recent explosion of Internet services and cloud computing. However, SOA introduces new security challenges not present in the single-hop client-server architectures due to the involvement of multiple service providers in a service request. The interactions of independent service domains in SOA could violate service policies or SLAs. In addition, users in SOA systems have no control on what happens...
A Software Development Process Model for Cloud by Combining Traditional Approaches
Hacaloglu, Tuna; Eren, Pekin Erhan; Mishra, Deepti; Mishra, Alok (2015-10-30)
Even though cloud computing is a technological paradigm that has been adopted more and more in various domains, there are few studies investigating the software development lifecycle in cloud computing applications and there is still not a comprehensive software development process model developed for cloud computing yet. Due to the nature of cloud computing that is completely different from the traditional software development, there is a need of suggesting process models to perform the software developmen...
A generalization of openstack for managing heterogeneous cloud resources Heterojen bulut kaynaklarinin yonetimi için openstack genelleştirimi
Erol, Ahmet; Yazar, Alper; Schmidt, Şenan Ece (2019-04-01)
This paper describes the generalization of OpenStack cloud resource management software to manage hardware resources other than the standard resources on the servers. To this end, OpenStack resource data structure is updated and the Nova project, which runs on the compute node, is rewritten so that it can run on different hardware platforms without depending on the operating system.
An agent-based optimization framework for mobile-cloud computing
Angın, Pelin (2013-01-01)
The proliferation of cloud computing resources in the recent years offers a way for mobile devices with limited resources to achieve computationally intensive tasks in real-time. The mobile-cloud computing paradigm, which involves collaboration between mobile and cloud resources, is expected to become increasingly popular in mobile application development. Dynamic partitioning of applications between mobile and cloud platforms based on resource availability is crucial in achieving the best performance for a...
Citation Formats
H. B. Oğur, “A NOVEL CONTAINER ATTACKS DATA SET FOR INTRUSION DETECTION,” M.S. - Master of Science, Middle East Technical University, 2022.