Intrusion Detection System for Applications using Linux Containers
dc.contributor.author | Abed, Amr S. | en |
dc.contributor.author | Clancy, Thomas Charles III | en |
dc.contributor.author | Levy, David S. | en |
dc.contributor.department | Electrical and Computer Engineering | en |
dc.contributor.department | Computer Science | en |
dc.contributor.department | Hume Center for National Security and Technology | en |
dc.date.accessioned | 2017-11-17T16:11:23Z | en |
dc.date.available | 2017-11-17T16:11:23Z | en |
dc.date.issued | 2015-12-09 | en |
dc.description.abstract | Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed. | en |
dc.description.sponsorship | This work was funded by Northrop Grumman Corporation via a partnership agreement through S2ERC; an NSF Industry/University Cooperative Research Center. We would like to express our appreciation to Donald Steiner and Joshua Shapiro for their support and collaboration efforts in this work. | en |
dc.format.mimetype | application/pdf | en |
dc.identifier.doi | https://doi.org/10.1007/978-3-319-24858-5_8 | en |
dc.identifier.uri | http://hdl.handle.net/10919/80422 | en |
dc.identifier.url | https://arxiv.org/abs/1611.03056 | en |
dc.identifier.volume | 9331 | en |
dc.language.iso | en | en |
dc.publisher | Springer | en |
dc.rights | In Copyright | en |
dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
dc.subject | Intrusion Detection | en |
dc.subject | Anomaly Detection | en |
dc.subject | System Call Monitoring | en |
dc.subject | Container Security | en |
dc.subject | Security in Cloud Computing | en |
dc.title | Intrusion Detection System for Applications using Linux Containers | en |
dc.title.serial | Lecture Notes in Computer Science | en |
dc.type | Article - Refereed | en |
dc.type.dcmitype | Text | en |
Files
Original bundle
- Name:
- ClancyIntrusionDetectionSystem2016.pdf
- Size:
- 363.53 KB
- Format:
- Adobe Portable Document Format