Module Architecture of Docker Image and Container Security

Module Architecture of Docker Image and Container Security

연구 분야: Strategies

학회: International Computer Symposium

The security of Docker images has attracted a lot of attention recently, and the lack of content security checks on Docker images has led users to deploy vulnerable systems. In addition, malicious attackers may inject malware when building the image, and once deployed, it may become a cryptocurrency mining node or leak confidential information on the system. Therefore, it is imperative to establish a complete diagnostic process. In this paper, we propose an architecture of DICDS, which consists of four modules: integrity checker module, vulnerability checker module, malware checker module and suspicious behavior checker module. We can ensure that Docker users are using clean images and containers after the process of DICDS.