English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 42683899      線上人數 : 1548
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/93023


    題名: 以基於系統調用的容器異常檢測提升虛擬化安全性;Enhancing Virtualization Security through System Call-based Anomaly Detection in Containers
    作者: 許博凱;Hsu, Po-Kai
    貢獻者: 資訊工程學系在職專班
    關鍵詞: 容器;虛擬化安全;入侵偵測系統;Falco;Docker;container;virtualization security;Intrusion detection system;Falco;Docker
    日期: 2023-07-15
    上傳時間: 2024-09-19 16:38:55 (UTC+8)
    出版者: 國立中央大學
    摘要: 在微服務架構盛行的當代,容器化應用程序面臨著前所未有的安全挑戰。本研究提出一種容器安全解決方案,主要透過監控與分析系統調用序列,對微服務容器的行為進行異常檢測。為了實現此目標,我們創建了一種專門收集微服務架構下容器行為的新資料集,名為遃遃遯遅遄。我們設計的解決方案架構包含了多個核心組件,包括系統調用監視器、資料庫和儀表板、解析器,以及異常檢測模型。其中,我們專注於利用機器學習技術,特別是無監督學習的自動編碼器,以增強對未知漏洞的偵測能力。此解決方案亦充分利用了容器化技術的優勢,確保其具備簡易性、可擴展性、易於採用和高度自動化等特點。我們的評估方法主要針對誤報率和平均檢測時間進行分析。實驗結果顯示,大部分容器的攻擊檢測表現達到預期。然而,有一個子集群的檢測時間略長,介於進逰逰至逳逰逰秒之間。我們對此提出了假設,認為漏洞的內在複雜性可能是影響檢測時間的主要因素。總的來說,本研究的成果為提升容器安全性提供了重要的指引,將有助於進一步完善微服務安全領域的研究。;In the current era where microservice architecture is prevalent, containerized applications are facing unprecedented security challenges. This research proposes a container security solution, mainly through the monitoring and analysis of system call sequences, to detect anomalies in the behavior of microservice containers. To achieve this goal, we created a new dataset specifically designed to collect behavior of containers under the microservice architecture, named CCoED.The framework of our proposed solution includes multiple core components, such as system call monitors, databases and dashboards, parsers, and an anomaly detection model. Among them, we focus on utilizing machine learning techniques, specifically unsupervised learning via autoencoders, to enhance the detection capability of unknown vulnerabilities. This solution also takes full advantage of the benefits of containerization technology, ensuring simplicity, scalability, ease of adoption, and a high degree of automation.Our evaluation methodology primarily focuses on the analysis of false alarm rate and average detection time. Experimental results show that the attack detection performance of most containers meets expectations. However, the detection time of one subset is slightly longer, ranging between 200 to 300 seconds. We hypothesize that the intrinsic complexity of vulnerabilities may be the main factor influencing detection time.In summary, the findings of this research provide important guidelines for enhancing container security, and will contribute to further refinement of research in the field of microservice security.
    顯示於類別:[資訊工程學系碩士在職專班 ] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML22檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明