Insight from a Docker Container Introspection

Files

Insight from a Docker Container_OCR.pdf (596.47 KB)

Date

2019-01

Authors

Watts, Thomas
Benton, Ryan G.
Glisson, William Bradley
Shropshire, Jordan

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Large-scale adoption of virtual containers has stimulated concerns by practitioners and academics about the viability of data acquisition and reliability due to the decreasing window to gather relevant data points. These concerns prompted the idea that introspection tools, which are able to acquire data from a system as it is running, can be utilized as both an early warning system to protect that system and as a data capture system that collects data that would be valuable from a digital forensic perspective. An exploratory case study was conducted utilizing a Docker engine and Prometheus as the introspection tool. The research contribution of this research is two-fold. First, it provides empirical support for the idea that introspection tools can be utilized to ascertain differences between pristine and infected containers. Second, it provides the ground work for future research conducting an analysis of large-scale containerized applications in a virtual cloud.

Description

Article co-authored by William Glisson published in the Proceedings of the 52nd Hawaii International Conference on System Sciences in 2019.

Keywords

Cyber Threat Intelligence and Analytics, Software Technology, Cloud computing, Containers, Introspection, Docker

Citation

Watts, T., Benton, R., Glisson, W., & Shropshire, J. (2019). Insight from a Docker Container Introspection. Proceedings of the 52nd Hawaii International Conference on System Sciences. Hawaii International Conference on System Sciences, p, 7194-7203. https://doi.org/10.24251/hicss.2019.863

URI

https://hdl.handle.net/20.500.11875/3202

Collections

Department of Computer Science
Cyber Forensics Intelligence Center