2020
DOI: 10.1007/978-3-030-58951-6_13
|View full text |Cite
|
Sign up to set email alerts
|

Understanding the Security Risks of Docker Hub

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
14
0
1

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
2
2

Relationship

0
7

Authors

Journals

citations
Cited by 27 publications
(15 citation statements)
references
References 25 publications
0
14
0
1
Order By: Relevance
“…Wist et al downloaded and scanned over 2500 images from Docker Hub using the Anchore framework [19]. Liu et al extracted any executed programs (e.g., JAR, Shell script) in the container images and scanned them using Virus totals [20]. Their proposal helps detect malicious container images.…”
Section: Related Workmentioning
confidence: 99%
“…Wist et al downloaded and scanned over 2500 images from Docker Hub using the Anchore framework [19]. Liu et al extracted any executed programs (e.g., JAR, Shell script) in the container images and scanned them using Virus totals [20]. Their proposal helps detect malicious container images.…”
Section: Related Workmentioning
confidence: 99%
“…Among them, about 6,400 were classified as malicious, of which 44% were related to cryptocurrency mining, 23% were due to flatmap-stream malware, and 20% were a variety of hacking tools. Another study of more than 2 million images from Docker Hub found that it took 181 days on average for a software originator to fix a software vulnerability, but it took an extra 422 days on average for the developer to patch the fix in the image containing the software [101]. Therefore, a software with security vulnerabilities can remain in an image for more than 600 days on average and has a high probability to be downloaded and potentially exploited by the attackers.…”
Section: Identifying Vulnerabilities In Containersmentioning
confidence: 99%
“…A study has shown that the official and community images contain an average of 180 vulnerabilities and 50% of these images have not been updated [143]. It takes an average of 181 days to fix the vulnerability and an additional 422 days on average to update the image [101], and this presents a window for an attacker to exploit the vulnerability. This threat is attributed to vulnerabilities of V2 and V4.…”
Section: Tamperingmentioning
confidence: 99%
See 2 more Smart Citations