中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/93023
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 80990/80990 (100%)
造访人次 : 42691824      在线人数 : 1500
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/93023


    题名: 以基於系統調用的容器異常檢測提升虛擬化安全性;Enhancing Virtualization Security through System Call-based Anomaly Detection in Containers
    作者: 許博凱;Hsu, Po-Kai
    贡献者: 資訊工程學系在職專班
    关键词: 容器;虛擬化安全;入侵偵測系統;Falco;Docker;container;virtualization security;Intrusion detection system;Falco;Docker
    日期: 2023-07-15
    上传时间: 2024-09-19 16:38:55 (UTC+8)
    出版者: 國立中央大學
    摘要: 在微服務架構盛行的當代,容器化應用程序面臨著前所未有的安全挑戰。本研究提出一種容器安全解決方案,主要透過監控與分析系統調用序列,對微服務容器的行為進行異常檢測。為了實現此目標,我們創建了一種專門收集微服務架構下容器行為的新資料集,名為遃遃遯遅遄。我們設計的解決方案架構包含了多個核心組件,包括系統調用監視器、資料庫和儀表板、解析器,以及異常檢測模型。其中,我們專注於利用機器學習技術,特別是無監督學習的自動編碼器,以增強對未知漏洞的偵測能力。此解決方案亦充分利用了容器化技術的優勢,確保其具備簡易性、可擴展性、易於採用和高度自動化等特點。我們的評估方法主要針對誤報率和平均檢測時間進行分析。實驗結果顯示,大部分容器的攻擊檢測表現達到預期。然而,有一個子集群的檢測時間略長,介於進逰逰至逳逰逰秒之間。我們對此提出了假設,認為漏洞的內在複雜性可能是影響檢測時間的主要因素。總的來說,本研究的成果為提升容器安全性提供了重要的指引,將有助於進一步完善微服務安全領域的研究。;In the current era where microservice architecture is prevalent, containerized applications are facing unprecedented security challenges. This research proposes a container security solution, mainly through the monitoring and analysis of system call sequences, to detect anomalies in the behavior of microservice containers. To achieve this goal, we created a new dataset specifically designed to collect behavior of containers under the microservice architecture, named CCoED.The framework of our proposed solution includes multiple core components, such as system call monitors, databases and dashboards, parsers, and an anomaly detection model. Among them, we focus on utilizing machine learning techniques, specifically unsupervised learning via autoencoders, to enhance the detection capability of unknown vulnerabilities. This solution also takes full advantage of the benefits of containerization technology, ensuring simplicity, scalability, ease of adoption, and a high degree of automation.Our evaluation methodology primarily focuses on the analysis of false alarm rate and average detection time. Experimental results show that the attack detection performance of most containers meets expectations. However, the detection time of one subset is slightly longer, ranging between 200 to 300 seconds. We hypothesize that the intrinsic complexity of vulnerabilities may be the main factor influencing detection time.In summary, the findings of this research provide important guidelines for enhancing container security, and will contribute to further refinement of research in the field of microservice security.
    显示于类别:[資訊工程學系碩士在職專班 ] 博碩士論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    index.html0KbHTML22检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明