NCI WEBSITE
NORMA eResearch @NCI Library

Enhancing Docker Container Security

Tools

Putta, Yellammagari Srikar (2023) Enhancing Docker Container Security. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (715kB) | Preview
[thumbnail of Configuration manual]
Preview
 PDF (Configuration manual)
Download (4MB) | Preview

Abstract

With the widespread adoption of Docker for deploying applications comes novel security challenges that attackers are actively exploiting. Common attack vectors include container escapes, image tampering, and privilege escalation. This research conducts an in-depth investigation into Docker container vulnerabilities, attack methods, and security strategies. As developers increasingly utilize Docker often with misconfigured images, attackers can compromise containers and gain unauthorized host access. This work demonstrates experimental attacks exploiting container misconfigurations to breach the underlying host system. It proposes concrete mitigation techniques focused on restricting privileges, limiting dangerous system calls, and reducing Linux capabilities granted to containers. These hardening techniques prevent attackers from reaching the host even in the event of container compromise. The analysis provides developers and devops teams actionable guidance on building more secure Docker images to avoid handing attackers the keys to the host system. By identifying risks, attack vectors, and tailored mitigations, this research enables organizations to benefit from the efficiencies of Docker while protecting against emerging security threats in this landscape. The insights equip developers with the knowledge to strengthen Docker container security as adoption continues to accelerate.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Jayasekera, Evgeniia
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 05 Nov 2024 14:35
Last Modified: 05 Nov 2024 14:35
URI: https://norma.ncirl.ie/id/eprint/7145

Actions (login required)

View Item View Item