Rule-based Security Monitoring of Containerized Workloads

Holger Gantikow, Christoph Reich, Martin Knahl, Nathan Clarke

Abstract

To further support the secure operation of containerized environments and to extend already established security measures, we propose rule-based security monitoring, which can be used to detect a variety of misuse and attacks. The capabilities of the open-source tools used to monitor containers are closely examined, and the possibility of detecting undesired behavior is evaluated on the basis of various scenarios. Further, the limits of the approach taken and the associated performance overhead are discussed. The results show that the proposed approach is effective in many scenarios and comes at a low performance overhead cost.

Paper Citation


in Harvard Style

Gantikow H., Reich C., Knahl M. and Clarke N. (2019). Rule-based Security Monitoring of Containerized Workloads. In Proceedings of the 9th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-365-0, pages 543-550. DOI: 10.5220/0007770005430550


in Bibtex Style

@conference{closer19,
author={Holger Gantikow and Christoph Reich and Martin Knahl and Nathan Clarke},
title={Rule-based Security Monitoring of Containerized Workloads},
booktitle={Proceedings of the 9th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2019},
pages={543-550},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007770005430550},
isbn={978-989-758-365-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - Rule-based Security Monitoring of Containerized Workloads
SN - 978-989-758-365-0
AU - Gantikow H.
AU - Reich C.
AU - Knahl M.
AU - Clarke N.
PY - 2019
SP - 543
EP - 550
DO - 10.5220/0007770005430550