Docker Security: A Threat Model, Attack Taxonomy and Real-Time Attack Scenario of DoS

Docker Security: A Threat Model, Attack Taxonomy and Real-Time Attack Scenario of DoS

연구 분야: Software Development

학회: 2020 10th International Conference on Cloud Computing, Data Science & Engineering (Confluence)

As the last decade experienced an explosion in the development and use of virtualization technologies, the need for an efficient and secure virtualization solution has also been increased. All the solutions that emerged can be classified into two major classes i.e. hypervisor-based virtualization and container-based virtualization. Container technologies have been around for a very long time but Docker is a relatively new and the most dominant candidate among all the other technologies. Along with so many advantages, it has a few disadvantages as well in which its security is the primary and the most crucial concern. In this paper, we propose a threat model for Docker with all the possible attack scenarios in Docker-based host systems. Furthermore, the paper also provides a detailed classification of attacks that can take place on various layers of Docker along with the description of each one of them. Lastly, the paper presents a real-time case study on Denial of Service (DoS) attack in the Docker environment.