Options
CONSERVE: A framework for the selection of techniques for monitoring containers security
Citation Link: https://doi.org/10.15480/882.4139
Publikationstyp
Journal Article
Date Issued
2022-04
Sprache
English
Institut
TORE-DOI
Volume
186
Article Number
111158
Citation
Journal of Systems and Software 186: 111158 (2022-04)
Publisher DOI
Scopus ID
Publisher
Elsevier
Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach:: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits.
Subjects
Attack analysis
Container monitoring
Intrusion detection
Security
Software and systems engineering
Virtualization
DDC Class
600: Technik
More Funding Information
We would like to thank the participants who took a part in the evaluation of CONSERVE. This research was partially supported by the Swedish VINNOVA FFI project CyReV: Cyber Resilience for Vehicles with diary numbers: 2018-05013 (1st phase) and 2019-03071 (2nd phase).
Publication version
publishedVersion
Loading...
Name
1-s2.0-S0164121221002478-main.pdf
Size
1.47 MB
Format
Adobe PDF