2019
DOI: 10.24251/hicss.2019.863
|View full text |Cite
|
Sign up to set email alerts
|

Insight from a Docker Container Introspection

Abstract: Large-scale adoption of virtual containers has stimulated concerns by practitioners and academics about the viability of data acquisition and reliability due to the decreasing window to gather relevant data points. These concerns prompted the idea that introspection tools, which are able to acquire data from a system as it is running, can be utilized as both an early warning system to protect that system and as a data capture system that collects data that would be valuable from a digital forensic perspective.… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
8
0

Year Published

2019
2019
2024
2024

Publication Types

Select...
5
3

Relationship

3
5

Authors

Journals

citations
Cited by 15 publications
(10 citation statements)
references
References 20 publications
0
8
0
Order By: Relevance
“…Watts et. al [25] also examined containers, but that research was focused on detecting malware through introspection tools. The researchers introduced a known piece of malware to an Apache server container and ran a series of tests to determine what differences, if any, appeared in the metrics that the introspection tool Prometheus produced.…”
Section: Related Workmentioning
confidence: 99%
“…Watts et. al [25] also examined containers, but that research was focused on detecting malware through introspection tools. The researchers introduced a known piece of malware to an Apache server container and ran a series of tests to determine what differences, if any, appeared in the metrics that the introspection tool Prometheus produced.…”
Section: Related Workmentioning
confidence: 99%
“…Both containers and virtual machines provide a means for software isolation, and are an essential components of any cloud based-environment. With containers, the abstraction is performed at the operating system level [4]. Multiple containers can share a single host operating system.…”
Section: Container and Vm Forensicsmentioning
confidence: 99%
“…The introspective approach consists of a family of techniques which uses introspection in order to gain insights into the processes being executed within [13]. Although this approach was originally developed for virtual machines, parallel techniques and tools can be used within the container space as well [4]. Introspection techniques monitor the runtime processes and applications currently running in a virtual machine or container.…”
Section: Container and Vm Forensicsmentioning
confidence: 99%
“…The rise in internet users appears to correlate with an escalation in cyber-crimes, which creates a risk for the organization's information security [2]. Detecting and responding to security incidents interest both industry and academicians [3][4][5][6]. According to a report by Forrester's, government, retail, and technology industries constituted 95% of the breached records in 2016, which included personal identifying information [7].…”
Section: Introductionmentioning
confidence: 99%