Review
Year 2020, 31 - 39, 29.06.2020
https://doi.org/10.46460/ijiea.617181


Securing Vulnerabilities in Docker Images

Abstract

Docker is an application development and publishing infrastructure tool that serves as an alternative to virtualization environments such as VirtualBox. Docker is the most popular containerization platform and is the environment in which Docker images are run. A container is a lightweight alternative to full machine virtualization that involves encapsulating an application in a container with its own operating environment. These two concepts, virtualization and containerization, compete in cloud-based environments. When virtualization became mainstream, VM security concerns were common. IT security experts have long discussed the potential weaknesses of virtualized environments. In this paper, focusing on Docker containers, their vulnerabilities, and possible measures against security concerns, we provide information on the assessment of the risks and vulnerabilities of containerization and on the main differences between these two concepts through vulnerability analysis.


Details

Primary Language English
Subjects Engineering
Section Review
Authors

Ahmet Efe

Ulaş Aslan

Aytekin Mutlu Kara

Publication Date 29 June 2020
Submission Date 9 September 2019
Published in Issue Year 2020

Cite

APA Efe, A., Aslan, U., & Kara, A. M. (2020). Securing Vulnerabilities in Docker Images. International Journal of Innovative Engineering Applications, 4(1), 31-39. https://doi.org/10.46460/ijiea.617181
AMA Efe A, Aslan U, Kara AM. Securing Vulnerabilities in Docker Images. ijiea, IJIEA. June 2020;4(1):31-39. doi:10.46460/ijiea.617181
Chicago Efe, Ahmet, Ulaş Aslan, and Aytekin Mutlu Kara. “Securing Vulnerabilities in Docker Images”. International Journal of Innovative Engineering Applications 4, no. 1 (June 2020): 31-39. https://doi.org/10.46460/ijiea.617181.
EndNote Efe A, Aslan U, Kara AM (01 June 2020) Securing Vulnerabilities in Docker Images. International Journal of Innovative Engineering Applications 4 1 31–39.
IEEE A. Efe, U. Aslan, and A. M. Kara, “Securing Vulnerabilities in Docker Images”, ijiea, IJIEA, vol. 4, no. 1, pp. 31–39, 2020, doi: 10.46460/ijiea.617181.
ISNAD Efe, Ahmet et al. “Securing Vulnerabilities in Docker Images”. International Journal of Innovative Engineering Applications 4/1 (June 2020), 31-39. https://doi.org/10.46460/ijiea.617181.
JAMA Efe A, Aslan U, Kara AM. Securing Vulnerabilities in Docker Images. ijiea, IJIEA. 2020;4:31–39.
MLA Efe, Ahmet et al. “Securing Vulnerabilities in Docker Images”. International Journal of Innovative Engineering Applications, vol. 4, no. 1, 2020, pp. 31-39, doi:10.46460/ijiea.617181.
Vancouver Efe A, Aslan U, Kara AM. Securing Vulnerabilities in Docker Images. ijiea, IJIEA. 2020;4(1):31-9.