ContainerGuard: A Real-Time Attack Detection System in Container-Based Big Data Platform

Cited by: 20
Authors
Wang, Yulong [1]
Wang, Qixu [1]
Chen, Xingshu [1]
Chen, Dajiang [2, 3]
Fang, Xiaojie [4]
Yin, Mingyong [5]
Zhang, Ning [6]
Affiliations
[1] Sichuan Univ, Sch Cyber Sci & Engn, Chengdu 610065, Peoples R China
[2] Univ Elect Sci & Technol China, Sch Informat & Software Engn, Chengdu 610054, Peoples R China
[3] Peng Cheng Lab, Shenzhen 518055, Peoples R China
[4] Harbin Inst Technol, Dept Elect & Informat Engn, Harbin 150001, Peoples R China
[5] China Acad Engn Phys, Inst Comp Applicat, Mianyang 621900, Sichuan, Peoples R China
[6] Univ Windsor, Dept Elect & Comp Engn, Windsor, ON N9B 3P4, Canada
Funding
National Natural Science Foundation of China
Keywords
Containers; Big Data; Process control; Side-channel attacks; Kernel; Security; Hardware; Anomaly detection; big data platform security; container; meltdown and spectre; variational autoencoder (VAE); SIDE-CHANNEL ATTACKS; SPARK;
DOI
10.1109/TII.2020.3047416
Chinese Library Classification number
TP [Automation technology, computer technology]
Subject classification code
0812
Abstract
As a lightweight, flexible, and high-performance operating system virtualization, containers are used to speed up the big data platform. However, due to the imperfection of the resource isolation mechanism and the property of shared kernel, the meltdown and spectre attacks can lead to information leakage of kernel space and coresident containers. In this article, a noise-resilient and real-time detection system, named ContainerGuard, is proposed to detect meltdown and spectre attacks in the container-based big data platform. ContainerGuard uses a nonintrusive manner to collect lifecycle multivariate time-series performance event data of processes in containers and then uses ensemble of variational autoencoders as generative neural networks to learn the robust representations of normal patterns. Therefore, ContainerGuard meets the urgent need for information protection in the container-based big data platform. Our evaluations using real-world datasets show that ContainerGuard achieves excellent detection performance and only introduces about 4.5% of running performance overhead to the platform.
Pages: 3327 - 3336
Number of pages: 10