dc.description.abstract | In recent years, cloud computing has become more and more popular because of its low cost, high scalability, and easy maintenance. It has gradually replaced the limitation that the application can only be operated locally. In addition to virtualization, containers are also one of the important technologies for cloud computing. Containers do not need to have an independent operating system and can directly share the operating system of the host. Although it is convenient and cost-effective, the security isolation mechanism is not as complete as a virtual machine and is easier become the target of intruders.
Honeypot is an active defense that can attract intruders by emulating a network service or environment with flaws. Honeypots collect the intruder′s attack intentions, techniques, tools, etc., to understand what security problems exist in the existing system, what challenges the system are facing.
We propose a mechanism to dynamically transform a container into a honeypot. We integrate a warning backup system, anti-virus software and real-time monitoring to bring out DCH. When the container is invaded, our mechanism can protect important data, and also redirect network to a highly interactive honeypot for real-time monitoring. After experiments, we found that our system could perform well, and the overhead introduced by our system is neglectable. | en_US |