Secure Namespaced Kernel Audit for Containers
Soo Yee Lim, Bogdan Stelea, Xueyuan Han, Thomas Pasquier
Abstract
Despite the wide usage of container-based cloud computing, container auditing for security analysis relies mostly on built-in host audit systems, which often lack the ability to capture high-fidelity container logs. State-of-the-art reference-monitor-based audit techniques greatly improve the quality of audit logs, but their system-wide architecture is too costly to be adapted for individual containers. Moreover, these techniques typically require extensive kernel modifications, making it difficult to deploy in practical settings.
Topics & Concepts
Container (type theory)AuditComputer scienceCloud computingFidelityKernel (algebra)ArchitectureComputer securityAudit trailOperating systemAccountingEngineeringBusinessTelecommunicationsCombinatoricsMathematicsVisual artsArtMechanical engineeringSoftware System Performance and ReliabilityCloud Computing and Resource ManagementNetwork Security and Intrusion Detection