中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/92479
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 78852/78852 (100%)
Visitors : 37792943      Online Users : 643
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/92479


    Title: 以基於系統調用的容器異常檢測提升虛擬化安全性;Enhancing Virtualization Security through System Call-based Anomaly Detection in Containers
    Authors: 許博凱;Hsu, Po-Kai
    Contributors: 資訊工程學系在職專班
    Keywords: 容器;虛擬化安全;入侵偵測系統;Falco;Docker;container;virtualization security;Intrusion detection system;Falco;Docker
    Date: 2023-07-15
    Issue Date: 2023-10-04 16:02:42 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 在微服務架構盛行的當代,容器化應用程序面臨著前所未有的安全挑戰。本研究提出一種容器安全解決方案,主要透過監控與分析系統調用序列,對微服務容器的行為進行異常檢測。為了實現此目標,我們創建了一種專門收集微服務架構下容器行為的新資料集,名為遃遃遯遅遄。我們設計的解決方案架構包含了多個核心組件,包括系統調用監視器、資料庫和儀表板、解析器,以及異常檢測模型。其中,我們專注於利用機器學習技術,特別是無監督學習的自動編碼器,以增強對未知漏洞的偵測能力。此解決方案亦充分利用了容器化技術的優勢,確保其具備簡易性、可擴展性、易於採用和高度自動化等特點。我們的評估方法主要針對誤報率和平均檢測時間進行分析。實驗結果顯示,大部分容器的攻擊檢測表現達到預期。然而,有一個子集群的檢測時間略長,介於進逰逰至逳逰逰秒之間。我們對此提出了假設,認為漏洞的內在複雜性可能是影響檢測時間的主要因素。總的來說,本研究的成果為提升容器安全性提供了重要的指引,將有助於進一步完善微服務安全領域的研究。;In the current era where microservice architecture is prevalent, containerized applications are facing unprecedented security challenges. This research proposes a container security solution, mainly through the monitoring and analysis of system call sequences, to detect anomalies in the behavior of microservice containers. To achieve this goal, we created a new dataset specifically designed to collect behavior of containers under the microservice architecture, named CCoED.The framework of our proposed solution includes multiple core components, such as system call monitors, databases and dashboards, parsers, and an anomaly detection model. Among them, we focus on utilizing machine learning techniques, specifically unsupervised learning via autoencoders, to enhance the detection capability of unknown vulnerabilities. This solution also takes full advantage of the benefits of containerization technology, ensuring simplicity, scalability, ease of adoption, and a high degree of automation.Our evaluation methodology primarily focuses on the analysis of false alarm rate and average detection time. Experimental results show that the attack detection performance of most containers meets expectations. However, the detection time of one subset is slightly longer, ranging between 200 to 300 seconds. We hypothesize that the intrinsic complexity of vulnerabilities may be the main factor influencing detection time.In summary, the findings of this research provide important guidelines for enhancing container security, and will contribute to further refinement of research in the field of microservice security.
    Appears in Collections:[Executive Master of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML72View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明