Docker under Siege: Securing Containers in the Modern Era
DOI:
https://doi.org/10.32628/CSEIT25112773Keywords:
Container Security, Docker, Information Security, Runtime Security, Network Security, Configuration Management, Supply Chain Security, Monitoring and Logging, Security in SDLC, Resilient Infrastructure, Application SecurityAbstract
Containerization, driven by Docker, has transformed application development and deployment by enhancing efficiency and scalability. However, the rapid adoption of container technologies introduces significant security challenges that require careful management. This paper investigates key areas of container security, including runtime protection, network safeguards, configuration best practices, supply chain security, and comprehensive monitoring and logging solutions. We identify common vulnerabilities within these domains and provide actionable recommendations to address and mitigate these risks. By integrating security throughout the Software Development Lifecycle (SDLC), organizations can reinforce their security posture, creating a resilient and reliable containerized application infrastructure that withstands evolving threats.
Downloads
References
Snyk. (n.d.). 10 Docker Security Best Practices. Retrieved from Snyk
Docker Docs. (n.d.). Security announcements. Retrieved from Docker Security
Malhotra, R., Bansal, A., & Kessentini, M. (2023). Vulnerability Analysis of Docker Hub Official Images and Verified Images. In 2023 IEEE International Conference on Service-Oriented System Engineering (SOSE), 17-20 July 2023. https://doi.org/10.1109/SOSE58276.2023.00025
Snyk. (n.d.). 10 Docker Security Best Practices. Retrieved from Snyk
Malhotra, R., Bansal, A., & Kessentini, M. (2023). Vulnerability Analysis of Docker Hub Official Images and Verified Images. In 2023 IEEE International Conference on Service-Oriented System Engineering (SOSE), 17-20 July 2023.
Malhotra, R., Bansal, A., & Kessentini, M. (2023). Vulnerability Analysis of Docker Hub Official Images and Verified Images. In 2023 IEEE International Conference on Service-Oriented System Engineering (SOSE), 17-20 July 2023. Link
Jiang, W., & Zheng, L. (2020). Vulnerability Analysis and Security Research of Docker Container. In 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE), 27-29 September 2020. Link
Docker. (n.d.). Docker Content Trust. Retrieved from Docker Documentation
Aqua Security. (n.d.). Container Security. Retrieved from Aqua Security
Trivy. (n.d.). Vulnerability Scanner for Containers and other Artifacts. Retrieved from Trivy GitHub
JFrog. (2023). JFrog Security Solutions. Retrieved from JFrog
OWASP. (n.d.). Application Container Security. Retrieved from OWASP
Malhotra, R., Bansal, A., & Kessentini, M. (2023). Vulnerability Analysis of Docker Hub Official Images and Verified Images. In 2023 IEEE International Conference on Service-Oriented System Engineering (SOSE), 17-20 July 2023. https://doi.org/10.1109/SOSE58276.2023.00025
Docker. (n.d.). Best Practices for Docker. Retrieved from Docker Best Practices
Kubernetes. (n.d.). Role-Based Access Control (RBAC) Authorization. Retrieved from Kubernetes Documentation
Calico. (n.d.). Container Security: 7 Key Components and 8 Critical Best Practices. Retrieved from Tigera
Saxena, V., Saxena, D., & Singh, U. (2022). Security Enhancement using Image verification method to Secure Docker Containers. Proceedings of the 4th International Conference on Information Management & Machine Intelligence. https://www.semanticscholar.org/paper/b645bbad9eb0d5fe1d0bb5a2dcf3c4c5536614ea
Yang, N., Chen, C., Yuan, T., Wang, Y., Gu, X., & Yang, D. (2022). Security hardening solution for docker container. 2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). https://www.semanticscholar.org/paper/35a5f38d0f399b0c7abdb2dd8a622d69a5e4ec80
Bhardwaj, A. K., Dutta, P. K., & Chintale, P. (2024). Securing Container Images through Automated Vulnerability Detection in Shift-Left CI/CD Pipelines. Babylonian Journal of Networking. https://www.semanticscholar.org/paper/a63906d9176be6500307ae16532cff125648d960
Gajbhiye, B., Goel, O., & Pandian, P. K. G. (2024). Managing Vulnerabilities in Containerized and Kubernetes Environments. Journal of Quantum Science and Technology. https://www.semanticscholar.org/paper/05f6e461cc24b2680baa4b98fae766d41a8f4b73
Krahn, R., Dragoti, D., Gregor, F., Quoc, D., Schiavoni, V., Felber, P., Souza, C., Brito, A., & Fetzer, C. (2020). TEEMon: A continuous performance monitoring framework for TEEs. Proceedings of the 21st International Middleware Conference. https://www.semanticscholar.org/paper/c95b7a9184b2edfb8bbb3616c390123bb5c0ad0b
Rastogi, V., Davidson, D., Carli, L. D., Jha, S., & Mcdaniel, P. (2016). Towards Least Privilege Containers with Cimplifier. ArXiv. https://www.semanticscholar.org/paper/10745fa635ecfbb4206f3c148bca80c4a493d7ac
Zhang, M., Marino, D., & Efstathopoulos, P. (2015). Harbormaster: Policy Enforcement for Containers. 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom). https://www.semanticscholar.org/paper/e688385278a2faff803ce5b245dfb4ec3bdffda8
Alles, G. R. (2018). Análise da utilização de tecnologias de contêineres para aplicações de alto desempenho. https://www.semanticscholar.org/paper/5110630be6891c7a8ced1539449a050794ae489e
Ajith, V., Cyriac, T., Chavda, C., Kiyani, A. T., Chennareddy, V., & Ali, K. (2024). Analyzing Docker Vulnerabilities through Static and Dynamic Methods and Enhancing IoT Security with AWS IoT Core, CloudWatch, and GuardDuty. IoT. https://www.semanticscholar.org/paper/4c08997c7ed9002f9c9d7ed9cd946d8066c788c2
Gajbhiye, B., Goel, O., & Pandian, P. K. G. (2024). Managing Vulnerabilities in Containerized and Kubernetes Environments. Journal of Quantum Science and Technology. https://www.semanticscholar.org/paper/05f6e461cc24b2680baa4b98fae766d41a8f4b73
Haq, Md. S., Tosun, A., & Korkmaz, T. (2022). Security Analysis of Docker Containers for ARM Architecture. 2022 IEEE/ACM 7th Symposium on Edge Computing (SEC). https://www.semanticscholar.org/paper/bb33e9d61ca50b7b07a72aba54e9bc72f5ff4c3a
Eldjou, A., Amoura, M. E., Soltane, M., Belguidoum, M., Bennacer, S., & Kitouni, I. (2023). Enhancing Container Runtime Security: A Case Study in Threat Detection. Tunisian-Algerian Joint Conference on Applied Computing. https://www.semanticscholar.org/paper/ef96b9178b4fada1c39e82d2fb348fbb07f75c59
Fournier, G., Afchain, S., & Baubeau, S. (2021). Runtime Security Monitoring with eBPF. https://www.semanticscholar.org/paper/8a768ccb634f7527885cae4cd5348eba01065b80
Hashemian, R., Carlsson, N., Krishnamurthy, D., & Arlitt, M. (2020). Contention Aware Web of Things Emulation Testbed. Proceedings of the ACM/SPEC International Conference on Performance Engineering. https://www.semanticscholar.org/paper/ae6c8319e7ea739f3f18398daeab2706aaef2ce7
Verdugo, P., Salvachiua, J., & Huecas, G. (2017). An agile container-based approach to TaaS. 2017 56th FITCE Congress. https://www.semanticscholar.org/paper/7ebf1533bad78e306dd6deb4cbae53c1017a79f4
Mousa, A., Tuffaha, W., Abdulhaq, M., Qadry, M., & M.M., O. O. (2023). In-Depth Network Security for Docker Containers. 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT). https://www.semanticscholar.org/paper/ec6f69bd20f617091e5b1fc670e05fcdfaf57265
Zeng, W., Fan, R., Wang, Z., Xiao, Y., Huang, R., & Liu, M. (2023). Research on Docker Container Network Isolation and Security Management for Multi-Tenant Environments. Proceedings of the 2023 International Conference on Communication Network and Machine Learning. https://www.semanticscholar.org/paper/28be3b1c28fa71fabec3afb803ce5f48c8b83f78
Cochak, H., Koslovski, G., Pillon, M. A., & Miers, C. (2021). RunC and Kata runtime using Docker: a network perspective comparison. 2021 IEEE Latin-American Conference on Communications (LATINCOM). https://www.semanticscholar.org/paper/91fb4da812a4f5de119719392a5dc70c55cbcafb
Barlev, S., Basil, Z., Kohanim, S., & Peleg, R. (2016). Secure yet usable: Protecting servers and Linux containers. https://ieeexplore.ieee.org/abstract/document/7523363/
K. A. Babar, Understanding container isolation mechanisms for building security-sensitive private cloud. Sydney, Australia: ResearchGate, 2017
Findlay, W., Barrera, D., & Somayaji, A. (2102). Bpfcontain: Fixing the soft underbelly of container security. arXiv Preprint arXiv:2102.06972. https://arxiv.org/abs/2102.06972
Barlev, S., Basil, Z., Kohanim, S., & Peleg, R. (2016). Secure yet usable: Protecting servers and Linux containers. https://ieeexplore.ieee.org/abstract/document/7523363/
Muniswamy, S., & Vignesh, R. (2022). DSTS: A hybrid optimal and deep learning for dynamic scalable task scheduling on container cloud environment. Journal of Cloud Computing. https://link.springer.com/article/10.1186/s13677-022-00304-7.
Kafhali, S. E., Mir, I. E., Salah, K., & Hanini, M. (2020). Dynamic scalability model for containerized cloud services. https://link.springer.com/article/10.1007/s13369-020-04847-2.
Barletta, M., Cinque, M., & Simone, L. D. (2024). Criticality-aware monitoring and orchestration for containerized industry 4.0 environments. https://dl.acm.org/doi/abs/10.1145/3604567
Gantikow, H., Reich, C., Knahl, M., & Clarke, N. (2019). Rule-based security monitoring of containerized environments. https://link.springer.com/chapter/10.1007/978-3-030-49432-2_4
Misa, C., Kannan, S., & Durairajan, R. (2019). Can we containerize internet measurements? https://dl.acm.org/doi/abs/10.1145/3340301.3341130
Klein, D. (2019). Micro-segmentation: securing complex cloud environments. Network Security. https://www.magonlinelibrary.com/doi/abs/10.1016/S1353-4858%2819%2930034-0
Al-Ofeishat, H., & Alshorman, R. (2023). Build a Secure Network using Segmentation and Micro-segmentation Techniques. https://journal.uob.edu.bh/handle/123456789/5237
Verma, V. (2024). Network Security Policies for Containers in Cloud Applications. https://aaltodoc.aalto.fi/items/ab63424a-8a23-4057-8f02-36506b192365
Gentile, A. F., Macri, D., Greco, E., & Fazio, P. (2024). IoT IP Overlay Network Security Performance Analysis with Open Source Infrastructure Deployment. J. Cybersecur. Priv. https://www.semanticscholar.org/paper/f75455c4edff911f117062e819aca293cba9557b
Weever, C. de, & Andreou, M. (2020). Zero Trust Network Security Model in containerized environments. https://www.semanticscholar.org/paper/5d2b02e5d079886c44d624752accc20b064e5a15
Surantha, N., Ivan, F., & Chandra, R. (2023). A case analysis for Kubernetes network security of financial service industry in Indonesia using zero trust model. Bulletin of Electrical Engineering and Informatics. https://www.semanticscholar.org/paper/2b2111340cb845e6d1e339d25bff2076faec0fc1
Weever, C. de, & Andreou, M. (2020). Zero Trust Network Security Model in containerized environments. https://www.semanticscholar.org/paper/5d2b02e5d079886c44d624752accc20b064e5a15
Kulathunga, R. (2021). Dynamic security model for container orchestration platform. https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/4533
Zhong, Z., Xu, M., Rodriguez, M., & Xu, C. (2022). Machine learning-based orchestration of containers: A taxonomy and future directions. https://dl.acm.org/doi/abs/10.1145/3510415
Sofia, R., Dykeman, D., Urbanetz, P., & Galal, A. (2023). Dynamic, Context-Aware Cross-Layer Orchestration of Containerized Applications. https://ieeexplore.ieee.org/abstract/document/10225530/
Struhár, V., Craciunas, S., & Ashjaei, M. (2021). React: Enabling real-time container orchestration. https://ieeexplore.ieee.org/abstract/document/9613685/
Mehr, I. E., Minetto, A., Dovis, F., Pica, E., Cesaroni, C., & Romano, V. (2023). An Open Architecture for Signal Monitoring and Recording Based on SDR and Docker Containers: A GNSS Use Case. IEEE EUROCON 2023 - 20th International Conference on Smart Technologies. https://www.semanticscholar.org/paper/4d48ff4f6c993963b5386ecc1762996eb2c568bb
Jain, H. (2021). Monitoring of Docker Containers with Round Robin Database. https://www.semanticscholar.org/paper/4bcf673efc594b7df2b5976e134e6fb09ba2e15f
Franco, J., Acar, A., Aris, A., & Uluagac, S. (2023). Forensic Analysis of Cryptojacking in Host-Based Docker Containers Using Honeypots. ICC 2023 - IEEE International Conference on Communications. https://www.semanticscholar.org/paper/235aa07c44e436c9abbe5b3ddfbdd11a0e6217a6
Mousa, A., Tuffaha, W., Abdulhaq, M., Qadry, M., & M.M., O. O. (2023). In-Depth Network Security for Docker Containers. 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT). https://www.semanticscholar.org/paper/ec6f69bd20f617091e5b1fc670e05fcdfaf57265
VS, D., Sethuraman, S., & Khan, M. (2023). Container security: precaution levels, mitigation strategies, and research perspectives. Computers & Security. https://www.sciencedirect.com/science/article/pii/S0167404823004005
Nickle, J. (2023). A Research Exploring Practical Threat Deterrence Methodologies Utilizing Secure Identity Micro-Segmentation. https://search.proquest.com/openview/a9bea7d413307133a55976e66612bae1/1?pq-origsite=gscholar&cbl=18750&diss=y
Nugroho, I., & Marlina, S. (2024). Effective Security Protocols for Containerized Applications. https://studies.eigenpub.com/index.php/erst/article/view/83
Jansen, B. A. (2018). MSc System and Network Engineering Research Project 2 Security By Default A Comparative Security Evaluation of Default Configurations. https://www.semanticscholar.org/paper/2a7dd6006626c7126617181636a69d16c717b147
Kithulwatta, W. M. C. J. T., Jayasena, K., Kumara, B., & Rathnayaka, R. (2022). Performance Evaluation of Docker-based Apache and Nginx Web Server. 2022 3rd International Conference for Emerging Technology (INCET). https://www.semanticscholar.org/paper/54126de112713c3f8b8909db627c0c02c1f554a2
Su, K.-M., Liu, I., & Li, J.-S. (2020). The Risk of Industrial Control System Programmable Logic Controller Default Configurations. 2020 International Computer Symposium (ICS). https://www.semanticscholar.org/paper/f52f133fe076120629bfd91868be6354e4333a60
Kayali, M., & Wang, C. (2022). Mining Robust Default Configurations for Resource-constrained AutoML. ArXiv. https://www.semanticscholar.org/paper/debe88eb17215e83e0de34638c1f32ab531f6ae1
Raj, P. (2024). Continuous Integration for New Service Deployment and Service Validation Script for Vault. INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT. https://www.semanticscholar.org/paper/96e78ef19e63455191f211cb39867a54a6e1edb5
Loukidis-Andreou, F., & Giannakopoulos, I. (2018). Docker-sec: A fully automated container security enhancement mechanism. https://ieeexplore.ieee.org/abstract/document/8416432/
Brady, K., Moon, S., & Nguyen, T. (2020). Docker container security in cloud computing. https://ieeexplore.ieee.org/abstract/document/9031195/
Kermabon-Bobinnec, H., & Gholipourchoubeh, M. (2022). Prospec: Proactive security policy enforcement for containers. https://dl.acm.org/doi/abs/10.1145/3508398.3511515
Mullinix, S., Konomi, E., & Townsend, R. (2020). On security measures for containerized applications imaged with docker. https://arxiv.org/abs/2008.0481
Wahanani, H., Idhom, M., & Kristiawan, K. Y. (2021). Implementation Of Docker Container On Local Network By Applying Reverse Proxy. IJCONSIST JOURNALS. https://www.semanticscholar.org/paper/ee9f1dc131e6c8d2c59936d18492b69d62cb0e1e
Alyas, T., Ali, S., Khan, H. U., Samad, A., Alissa, K. A., & Saleem, M. (2022). Container Performance and Vulnerability Management for Container Security Using Docker Engine. Security and Communication Networks. https://www.semanticscholar.org/paper/5e59d661f7f1e356e96810ac35e439505f040490
Mahajan, V., & Mane, S. (2022). Detection, Analysis and Countermeasures for Container based Misconfiguration using Docker and Kubernetes. 2022 International Conference on Computing, Communication, Security and Intelligent Systems (IC3SIS). https://www.semanticscholar.org/paper/ea4a7e32e61ddb9599932dd597c48b2ec0114112
Ksontini, E., Kessentini, M., Ferreira, T., & Hassan, F. (2021). Refactorings and Technical Debt in Docker Projects: An Empirical Study. 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE). https://www.semanticscholar.org/paper/8ed3345683127ae31e051696d1504f8901b05563
Pires, A., Matos, F., Santos, A., Pessoa, D., & Maciel, P. D. (2022). PipeConf: An Integrated Architecture for the Automated Configuration of Network Assets. IEEE Transactions on Network and Service Management. https://www.semanticscholar.org/paper/dbd88c8c56812d6fad93016e7f1e58408d982fb1
Suryawanshi, H., & Deshmukh, P. R. (2022). Building a UI Based Tool for Configuration Management. 2022 International Conference on Industry 4.0 Technology (I4Tech). https://www.semanticscholar.org/paper/b935555760a93e3bab587cbe645bcf3039831484
Rugendo, T. M., & Kahonge, A. M. (2021). Access Control Model for Container based Virtual Environments. International Journal of Computer Applications. https://www.semanticscholar.org/paper/35690002da12487f3d4a5c0970bc8344af68fc6c
Lang, D., Jiang, H., Ding, W., & Bai, Y. (2019). Research on Docker Role Access Control Mechanism Based on DRBAC. Journal of Physics: Conference Series. https://www.semanticscholar.org/paper/0b7d67b7b520fc04d8ba6e68116c610db21853c0
Pasomsup, C., & Limpiyakorn, Y. (2021). HT-RBAC: A Design of Role-based Access Control Model for Microservice Security Manager. 2021 International Conference on Big Data Engineering and Education (BDEE). https://www.semanticscholar.org/paper/1f8acfefbdaca20fc15c65d88186e5a5880c8407
Rugendo, T. M., & Kahonge, A. M. (2021). Access Control Model for Container based Virtual Environments. International Journal of Computer Applications. https://www.semanticscholar.org/paper/35690002da12487f3d4a5c0970bc8344af68fc6c
Patra, M., Kumari, A., Sahoo, B., & Turuk, A. K. (2022). Docker Security: Threat Model and Best Practices to Secure a Docker Container. 2022 IEEE 2nd International Symposium on Sustainable Energy, Signal Processing and Cyber Security (iSSSC). https://www.semanticscholar.org/paper/dab262d922365371d9d09fe660bb82df09980e5f
Mousa, A., Tuffaha, W., Abdulhaq, M., Qadry, M., & M.M., O. O. (2023). In-Depth Network Security for Docker Containers. 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT). https://www.semanticscholar.org/paper/ec6f69bd20f617091e5b1fc670e05fcdfaf57265
Xing, Y., Cao, J., Wang, X., Torabi, S., Sun, K., Yan, F., & Li, Q. (2022). SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images. 2022 IEEE Conference on Communications and Network Security (CNS). https://www.semanticscholar.org/paper/7e76d0712fedef5689f08502057c009638bc0973
Chamoli, S., & Sarishma. (2021). Docker Security: Architecture, Threat Model, and Best Practices. https://link.springer.com/chapter/10.1007/978-981-16-1696-9_24
Yasrab, R. (1804). Mitigating docker security issues. arXiv Preprint arXiv:1804.05039. https://arxiv.org/abs/1804.05039
Alvi, M. H. (2021). Security best practices for containerized applications. https://doi.org/10.13140/RG.2.2.26095.04000
Ahamed, W., & Zavarsky, P. (2021). Security audit of docker container images in cloud architecture. https://ieeexplore.ieee.org/abstract/document/9478100/
Perera, H. P. D. S., Silva, H. S. T. D., Ganegoda, B. A., Reza, B., Karunarathne, A. D. H. U., & Senarathne, A. (2022). Docker Container Security Orchestration and Posture Management Tool. 2022 13th International Conference on Computing Communication and Networking Technologies (ICCCNT). https://www.semanticscholar.org/paper/f319baec615580bb3c185b8cbc0ca7bb8814cd96
Brady, K., Moon, S., Nguyen, T.-A., & Coffman, J. (2020). Docker Container Security in Cloud Computing. 2020 10th Annual Computing and Communication Workshop and Conference (CCWC). https://www.semanticscholar.org/paper/8c157612a9bf3643218b875a534bc7fd2fea0eeb
Mubanda, D., Mandela, N., Mbinda, T., & Ayesiga, C. (2023). Evaluating Docker Container Security through Penetration Testing: A Smart Computer Security. 2023 International Conference on Communication, Security and Artificial Intelligence (ICCSAI). https://www.semanticscholar.org/paper/bd82b69ab95dab9387e45057d287e2eefdd03f2c
Sharma, A., Keswani, B., & Sangwan, A. (2021). Optimization of docker container security and its performance evaluation. Journal of Discrete Mathematical Sciences and Cryptography. https://www.semanticscholar.org/paper/c065a908850379b03b25849d084bba5bf1c3d40d
Shah, J., Dubaria, D., & Widhalm, J. (2018). A Survey of DevOps tools for Networking. 2018 9th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON). https://www.semanticscholar.org/paper/ef73549a162f905ee13319805dd4bfb442d834ea
Mahajan, V., & Mane, S. (2022). Detection, Analysis and Countermeasures for Container based Misconfiguration using Docker and Kubernetes. 2022 International Conference on Computing, Communication, Security and Intelligent Systems (IC3SIS). https://www.semanticscholar.org/paper/ea4a7e32e61ddb9599932dd597c48b2ec0114112
Sultan, S., Ahmad, I., & Dimitriou, T. (2019). Container security: Issues, challenges, and the road ahead. IEEE Access. https://ieeexplore.ieee.org/abstract/document/8693491/
Egbuna, O. (2022). Security Challenges and Solutions in Kubernetes Container Orchestration. Journal of Science & Technology. https://www.thesciencebrigade.com/jst/article/view/233
Lopes, N., Martins, R., Correia, M., & Serrano, S. (2020). Container hardening through automated seccomp profiling. https://dl.acm.org/doi/abs/10.1145/3429885.3429966
Lang, D., Jiang, H., Ding, W., & Bai, Y. (2019). Research on docker role access control mechanism based on drbac. https://iopscience.iop.org/article/10.1088/1742-6596/1168/3/032127/meta
Anirudh, U., & Darshan, S. (2024). Role-Based Virtuosity in Virtual Environments: A Technical Exploration of Access Control and Authentication Mechanisms. Cloud Security. https://www.taylorfrancis.com/chapters/edit/10.1201/9781003455448-10/role-based-virtuosity-virtual-environments-anirudh-shiva-darshan
Li, Y., & Sun, H. (2022). Research and Design of Docker Technology Based Authority Management System. https://search.proquest.com/openview/a0307c26aa01c102b784ff7b0876374c/1?pq-origsite=gscholar&cbl=237303
Islam, R., Patamsetti, V., Gadhi, A., Gondu, R. M., Bandaru, C. M., Kesani, S. C., & Abiona, O. (2023). The Future of Cloud Computing: Benefits and Challenges. International Journal of Communications, Network and System Sciences. https://www.semanticscholar.org/paper/b07abe00bee4cf4373a352e488a175cd990eb32e
Zou, Z., Xie, Y., Huang, K., Xu, G., & Feng, D. (2019). A docker container anomaly monitoring system based on optimized isolation forest. https://ieeexplore.ieee.org/abstract/document/8807263/
Rapatti, A. (2021). Rootless Docker Containers in Continuous Integration. https://www.theseus.fi/handle/10024/498794
Madhumathi, R. (2018). The relevance of container monitoring towards container intelligence. https://ieeexplore.ieee.org/abstract/document/8493766/
Casalicchio, E., & Perciballi, V. (2017). Measuring docker performance: What a mess!!! https://dl.acm.org/doi/abs/10.1145/3053600.3053605
Benedictis, M. D., & Lioy, A. (2019). Integrity verification of Docker containers for a lightweight cloud environment. Future Generation Computer Systems. https://www.sciencedirect.com/science/article/pii/S0167739X18327201
Cito, J., Schermann, G., & Wittern, J. (2017). An empirical analysis of the docker container ecosystem on github. https://ieeexplore.ieee.org/abstract/document/7962382/
Merkel, D. (2014). Docker: lightweight linux containers for consistent development and deployment. Linux j. https://www.seltzer.com/margo/teaching/CS508.19/papers/merkel14.pdf
Sinde, S., Thakkalapally, B., & Ramidi, M. (2022). Continuous integration and deployment automation in aws cloud infrastructure. https://www.academia.edu/download/88213515/Continuous_Integration_and_Deployment_Automation_in_AWS_Cloud_Infrastructure.pdf
Garg, S., & Garg, S. (2019). Automated cloud infrastructure, continuous integration and continuous delivery using docker with robust container security. https://ieeexplore.ieee.org/abstract/document/8695332/
Yang, N., Chen, C., Yuan, T., Wang, Y., Gu, X., & Yang, D. (2022). Security hardening solution for docker container. 2022 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). https://www.semanticscholar.org/paper/35a5f38d0f399b0c7abdb2dd8a622d69a5e4ec80
Opdebeeck, R., Lesy, J., Zerouali, A., & Roover, C. D. (2023). The Docker Hub Image Inheritance Network: Construction and Empirical Insights. 2023 IEEE 23rd International Working Conference on Source Code Analysis and Manipulation (SCAM). https://www.semanticscholar.org/paper/b070ae365789a713ab8c53bf573dfea5f3cfa7aa
Chen, E. (2017). An approach for improving transparency and traceability of industrial supply chain with Blockchain technology. https://trepo.tuni.fi/handle/123456789/25401
Ravi, D., Ramachandran, S., & Vignesh, R. (2022). Privacy preserving transparent supply chain management through Hyperledger Fabric. https://www.sciencedirect.com/science/article/pii/S2096720922000136
Benedictis, M. D., & Lioy, A. (2019). Integrity verification of Docker containers for a lightweight cloud environment. Future Generation Computer Systems. https://www.sciencedirect.com/science/article/pii/S0167739X18327201
Centobelli, P., Cerchione, R., & Vecchio, P. D. (2022). Blockchain technology for bridging trust, traceability and transparency in circular supply chain. https://www.sciencedirect.com/science/article/pii/S0378720621000823
Hauser, H. (n.d.). Hardening the Software Supply Chain: Developing a System to Prevent Dependency Confusion Attacks in Cloud Based Continuous Integration and …. https://it-forensik.fiw.hs-wismar.de/images/9/9b/MT_Hauser2.pdf
Zabin, H. (2017). Implementation of docker integrated with cloud computing and code quality analysis (test automation). https://www.semanticscholar.org/paper/8178275bcf64491d981ba8318209b7994f3d36f5
Gajbhiye, B., Goel, O., & Pandian, P. K. G. (2024). Managing Vulnerabilities in Containerized and Kubernetes Environments. Journal of Quantum Science and Technology. https://www.semanticscholar.org/paper/05f6e461cc24b2680baa4b98fae766d41a8f4b73
Ksontini, E., Kessentini, M., Ferreira, T., & Hassan, F. (2021). Refactorings and Technical Debt in Docker Projects: An Empirical Study. 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE). https://www.semanticscholar.org/paper/8ed3345683127ae31e051696d1504f8901b05563
Zhang, Y., Zhang, Y., Wu, Y., Lu, Y., Wang, T., & Mao, X. (2020). Exploring the Dependency Network of Docker Containers: Structure, Diversity, and Relationship. Proceedings of the 12th Asia-Pacific Symposium on Internetware. https://www.semanticscholar.org/paper/7bb18bc58e65bb0eadf16a7dc4c169e8fed9942d
Noecker, C. (2018). Making Scientific Applications Portable: Software Containers and Package Managers. https://www.semanticscholar.org/paper/cef86ff0553a75e4694f28f55f48196e4484e173
Kawaguchi, N., Hart, C., & Uchiyama, H. (2024). Understanding the Effectiveness of SBOM Generation Tools for Manually Installed Packages in Docker Containers. Journal of Internet Services and Information Security. https://www.semanticscholar.org/paper/1da7537bc1ef177fafc42bfc722643b8a822d6fe
Mounesan, M., Siadati, H., & Jafarikhah, S. (2023). Exploring the Threat of Software Supply Chain Attacks on Containerized Applications. 2023 16th International Conference on Security of Information and Networks (SIN). https://www.semanticscholar.org/paper/afe2dcaaa64021e4513f4e8139d3be34962095c4
Bandara, E., Shetty, S., Mukkamala, R., Rahman, A., Foytik, P. B., Liang, X., Zoysa, K. D., & Keong, N. W. (2024). DevSec-GPT — Generative-AI (with Custom-Trained Meta’s Llama2 LLM), Blockchain, NFT and PBOM Enabled Cloud Native Container Vulnerability Management and Pipeline Verification Platform. 2024 IEEE Cloud Summit. https://www.semanticscholar.org/paper/5ee722d732ec83c1e1c3bd243822b72762b637dc
Paul, B., & Rao, M. (2022). Zero-Trust Model for Smart Manufacturing Industry. Applied Sciences. https://www.mdpi.com/2076-3417/13/1/221
̈njes, R. T., Ali, M., Barnaghi, P., Ganea, S., Ganz, F., Haushwirth, M., Brigitte, Kjærgaard, ̈mper, D. K., Mileo, A., Nechifor, S., Sheth, A., Lasse, & Vestergaard. (2015). Real-Time IoT Stream Processing and Large-scale Data Analytics for Smart City Applications. https://www.semanticscholar.org/paper/df60f432ddbbe9f16107ebf8ab88e300e6d2349f
Ekanayaka, E. M. I. M., Thathsarani, J. K. K. H., Karunanayaka, D. S., Kuruwitaarachchi, N., & Skandakumar, N. (2023). Enhancing Devops Infrastructure For Efficient Management Of Microservice Applications. 2023 IEEE International Conference on E-Business Engineering (ICEBE). https://www.semanticscholar.org/paper/af2d625a6c71f0f1abf351adf98340582637ba8e
Haque, M. U., Iwaya, L. H., & Babar, M. (2020). Challenges in Docker Development: A Large-scale Study Using Stack Overflow. Proceedings of the 14th ACM / IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). https://www.semanticscholar.org/paper/cba23b34012e9b4fc321ad07acfa19e64885af6b
Atatus. (n.d.). Docker Logging: Effective Strategies for Docker Log Management. Retrieved from https://www.atatus.com/blog/docker-logging-best-practices/
Devconnected. (n.d.). Docker Logs: Complete Guide. Retrieved from https://devconnected.com/docker-logs-complete-guide/
Alves, M., & Paula, H. (2021). Identifying logging practices in open source python containerized application projects. https://dl.acm.org/doi/abs/10.1145/3474624.3474631
Bhimani, J., Yang, J., Yang, Z., Mi, N., Xu, Q., Awasthi, M., Pandurangan, R., & Balakrishnan, V. (2016). Understanding performance of I/O intensive containerized applications for NVMe SSDs. 2016 IEEE 35th International Performance Computing and Communications Conference (IPCCC). https://www.semanticscholar.org/paper/974eccb61c50776495e821714b9dacab5e888976
Chang, C.-C., Yang, S.-R., Yeh, E.-H., Lin, P., & Jeng, J.-Y. (2017). A Kubernetes-Based Monitoring Platform for Dynamic Cloud Resource Provisioning. GLOBECOM 2017 - 2017 IEEE Global Communications Conference. https://www.semanticscholar.org/paper/14353c56e5a55a919fcad86b22ec0dc357171dbb
Ajith, V., Cyriac, T., Chavda, C., Kiyani, A. T., Chennareddy, V., & Ali, K. (2024). Analyzing Docker Vulnerabilities through Static and Dynamic Methods and Enhancing IoT Security with AWS IoT Core, CloudWatch, and GuardDuty. IoT. https://www.semanticscholar.org/paper/4c08997c7ed9002f9c9d7ed9cd946d8066c788c2
Gajbhiye, B., Goel, O., & Pandian, P. K. G. (2024). Managing Vulnerabilities in Containerized and Kubernetes Environments. Journal of Quantum Science and Technology. https://www.semanticscholar.org/paper/05f6e461cc24b2680baa4b98fae766d41a8f4b73
Organiściak, P., Kuraś, P., Strzałka, D., Paszkiewicz, A., Bolanowski, M., Kowal, B., Ćmil, M., Dymora, P., Mazurek, M., & Vanivska, V. (2024). Detection of Incidents and Anomalies in Software-Defined Network – Based Implementations of Critical Infrastructure Resulting in Adaptive System Changes. Advances in Science and Technology Research Journal. https://www.semanticscholar.org/paper/98f3b931b7ab15cecfd5a66f46e65aa49265850a
Herath, I. P., Jayawardena, S., Fadhil, A., Kodagoda, N., & Arachchillage, U. S. S. S. (2023). Streamlining Software Release Process and Resource Management for Microservice-based Architecture on multi-cloud. 2023 25th International Multitopic Conference (INMIC). https://www.semanticscholar.org/paper/70262e1b9fd97bab26c8efc4d1da47581dbe7ac9
Farcic, V. (2016). The DevOps 2.0 Toolkit: Automating the Continuous Deployment Pipeline with Containerized Microservices. https://www.semanticscholar.org/paper/628b5a10c0b56dc1e226e3d0fa2b2b61cee7c9db
Bhat, P. (2021). Centralised Cleanup Service for Kubernetes and Cloud Resources. International Journal for Research in Applied Science and Engineering Technology. https://www.semanticscholar.org/paper/3308563bbf87196390f218643cf5c30bc66b34e0
Larsson, M. (2019). Hands-On Microservices with Spring Boot and Spring Cloud. https://www.semanticscholar.org/paper/4828eb75799a6290f6dc53872a230539acb7d3fc
Mahajan, V., & Mane, S. (2022). Detection, Analysis and Countermeasures for Container based Misconfiguration using Docker and Kubernetes. 2022 International Conference on Computing, Communication, Security and Intelligent Systems (IC3SIS). https://www.semanticscholar.org/paper/ea4a7e32e61ddb9599932dd597c48b2ec0114112
Chen, L., Liu, J., Xian, M., & Wang, H. (2020). Docker Container Log Collection and Analysis System Based on ELK. 2020 International Conference on Computer Information and Big Data Applications (CIBDA). https://www.semanticscholar.org/paper/1052dd3dcca00614048d3c0d7c8476038ad0e7be
Velásquez, J. L., & Monterrubio, S. M. (2023). Systematic review of SIEM technology: SIEM-SC birth. https://link.springer.com/article/10.1007/s10207-022-00657-9
Mulyadi, F., Annam, L., & Promya, R. (2020). Implementing dockerized elastic stack for security information and event management. https://ieeexplore.ieee.org/abstract/document/9310950/
Raheem, M. (2021). Implementing a Secured Container Workload in the Cloud. https://www.theseus.fi/handle/10024/406583
Hongkamnerd, W., & Tangtrongpairoj, W. (2024). Effects of SIEM Recovery Time: Case Study on Security Onion. https://ieeexplore.ieee.org/abstract/document/10594988/
Rabby, Z. (2022). Building Security Operations Center (SOC) using open source technologies SIEM for industries. https://dspace.bracu.ac.bd/xmlui/handle/10361/22720
Alanda, A., Mooduto, H., & Hadi, R. (2023). Real-time Defense Against Cyber Threats: Analyzing Wazuh’s Effectiveness in Server Monitoring. JITCE (Journal of Information Technology and Computer Engineering). https://www.semanticscholar.org/paper/b60aed960868df30004784b41262007507596c02
Ahamed, W., & Zavarsky, P. (2021). Security audit of docker container images in cloud architecture. https://ieeexplore.ieee.org/abstract/document/9478100/
Brady, K., Moon, S., & Nguyen, T. (2020). Docker container security in cloud computing. https://ieeexplore.ieee.org/abstract/document/9031195/
Loukidis-Andreou, F., & Giannakopoulos, I. (2018). Docker-sec: A fully automated container security enhancement mechanism. https://ieeexplore.ieee.org/abstract/document/8416432/
Manu, A., Patel, J., & Akhtar, S. (2016). Docker container security via heuristics-based multilateral security-conceptual and pragmatic study. https://ieeexplore.ieee.org/abstract/document/7530217/
Merkel, D. (2014). Docker: lightweight linux containers for consistent development and deployment. Linux j, 239(2), 2.
Song, J., Park, K., Park, C., Kim, J., & Kim, I. (2024, June). Analyzing the container security threat on the 5G Core Network. In 2024 Silicon Valley Cybersecurity Conference (SVCC) (pp. 1-3). IEEE.
Sultan, S., Ahmad, I., & Dimitriou, T. (2019). Container security: Issues, challenges, and the road ahead. IEEE access, 7, 52976-52996.
Zhang, H., & Liu, Y. (2020). "Runtime Security for Docker Containers: A Survey." IEEE Access, 8, 133445-133460.
Casalicchio, E. (2019). Container orchestration: A survey. Systems Modeling: Methodologies and Tools, 221-235.
Mason, T., & Kim, S. (2021). "Integrating Security into the Continuous Deployment Pipeline: A Case Study." ACM Transactions on Software Engineering and Methodology, 30(4), 1-25.
Kermabon-Bobinnec, H., Gholipourchoubeh, M., Bagheri, S., Majumdar, S., Jarraya, Y., Pourzandi, M., & Wang, L. (2022, April). Prospec: Proactive security policy enforcement for containers. In Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy (pp. 155-166).
McLaughlin, T. (2021). Securing Docker: Implementing Security Best Practices for Docker Containers. Apress..
Downloads
Published
Issue
Section
License
Copyright (c) 2025 International Journal of Scientific Research in Computer Science, Engineering and Information Technology
This work is licensed under a Creative Commons Attribution 4.0 International License.