CONSERVE: A framework for the selection of techniques for monitoring containers security

Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach:: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits.

Schlagworte

Attack analysis

Container monitoring

Intrusion detection

Security

Software and systems engineering

Virtualization

DDC Class

600: Technik

More Funding Information

We would like to thank the participants who took a part in the evaluation of CONSERVE. This research was partially supported by the Swedish VINNOVA FFI project CyReV: Cyber Resilience for Vehicles with diary numbers: 2018-05013 (1st phase) and 2019-03071 (2nd phase).

Options

CONSERVE: A framework for the selection of techniques for monitoring containers security