Research of Penetration Testing Technology in Docker Environment

被引:0
作者
Lu, Tao [1 ]
Chen, Jie [1 ]
机构
[1] JiangNan Inst Comp Technol, Wuxi 214083, Peoples R China
来源
PROCEEDINGS OF THE 2017 5TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING (ICMMCCE 2017) | 2017年 / 141卷
关键词
Docker security; Penetration testing; Denial of service; Container escape; Side channel;
D O I
暂无
中图分类号
T [工业技术];
学科分类号
08 ;
摘要
With the increasing use of cloud computing, virtualization has developed rapidly as the key technology. Especially, Docker container technology has become the focus of attention of researchers because of its advantages of easy deployment and high performance. Consequently the research of Docker security has become more and more important. Based on the brief introduction of Docker architecture and components, the security of Docker is analyzed quantitatively, and is compared with the traditional virtualization. The importance of the penetration testing technology in ensuring the security of the container is clarified. Then, the typical penetration testing technology of denial service, container escape and side channel in Docker environment is studied. Finally, the penetration testing process in Docker container environment is analyzed in detail.
引用
收藏
页码:1354 / 1359
页数:6
相关论文
共 50 条
  • [31] Applying Systems Engineering Principles to Penetration Testing
    Easttom, Chuck
    Butler, William
    PROCEEDINGS OF THE 15TH INTERNATIONAL CONFERENCE ON CYBER WARFARE AND SECURITY (ICCWS 2020), 2020, : 127 - 134
  • [32] An Easy-to-deploy Penetration Testing Platform
    Duan, Bing
    Zhang, Yinqian
    Gu, Dawu
    PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE FOR YOUNG COMPUTER SCIENTISTS, VOLS 1-5, 2008, : 2314 - 2318
  • [33] Quantitative Penetration Testing with Item Response Theory
    Arnold, Florian
    Pieters, Wolter
    Stoelinga, Marielle
    JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2014, 9 (03): : 118 - 127
  • [34] Windows Communication Foundation Penetration Testing Methodology
    Ilca, Lucian Florin
    Balan, Titus
    2021 16TH INTERNATIONAL CONFERENCE ON ENGINEERING OF MODERN ELECTRIC SYSTEMS (EMES), 2021, : 110 - 113
  • [35] Effective penetration testing with Metasploit framework and methodologies
    Holik, Filip
    Horalek, Josef
    Marik, Ondrej
    Neradova, Sona
    Zitta, Stanislav
    2014 IEEE 15TH INTERNATIONAL SYMPOSIUM ON COMPUTATIONAL INTELLIGENCE AND INFORMATICS (CINTI), 2014, : 237 - 242
  • [36] Security test MOODLE: a penetration testing case study
    Mudiyanselage A.K.
    Pan L.
    International Journal of Computers and Applications, 2020, 42 (04) : 372 - 382
  • [37] Constructing the Model of an Information System for the Automatization of Penetration Testing
    A. V. Myasnikov
    A. S. Konoplev
    A. F. Suprun
    V. G. Anisimov
    V. V. Kasatkin
    V. P. Los’
    Automatic Control and Computer Sciences, 2021, 55 : 949 - 955
  • [38] Automated Penetration Testing Using Deep Reinforcement Learning
    Hu, Zhenguo
    Beuran, Razvan
    Tan, Yasuo
    2020 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (EUROS&PW 2020), 2020, : 2 - 10
  • [39] Penetration Testing: Concepts, Attack Methods, and Defense Strategies
    Denis, Matthew
    Zena, Carlos
    Hayajneh, Thaier
    2016 IEEE LONG ISLAND SYSTEMS, APPLICATIONS AND TECHNOLOGY CONFERENCE (LISAT), 2016,
  • [40] PENTOS: Penetration Testing Tool for Internet of Thing Devices
    Visoottiviseth, Vasaka
    Akarasiriwong, Phuripat
    Chaiyasart, Siravitch
    Chotivatunyu, Siravit
    TENCON 2017 - 2017 IEEE REGION 10 CONFERENCE, 2017, : 2279 - 2284
12345