A Technical Overview of Docker Container Security Threats

A Technical Overview of Docker Container Security Threats

연구 분야: Analysis

학회: International Conference on Cyberspace Simulation and Evaluation

Docker is currently one of the most representative container platforms, playing a pivotal role in cloud computing, microservices and DevOps. However, Docker containers bring a lot of convenience while also triggering various security threats. In this paper, we take Docker container technology as the research object, and summarize the security threat techniques that Docker containers are currently facing based on the full investigation of existing research work. Specifically, the security threats to Docker containers are analyzed in depth from both static and dynamic aspects according to the point in time and nature of the threats that occur. The static security threat section includes image security and container component risks, while the dynamic security threat section involves container escape, network security, and namespace and cgroups-based configuration security. Finally, three future research directions about Docker container security technology are discussed by combing existing research.