Performance Enhancement and Security Integration in a Multi-Objective Optimization Framework for Docker Image Slimming

Fernandes, Clint

Performance Enhancement and Security Integration in a Multi-Objective Optimization Framework for Docker Image Slimming

Tools

Fernandes, Clint (2025) Performance Enhancement and Security Integration in a Multi-Objective Optimization Framework for Docker Image Slimming. Masters thesis, Dublin, National College of Ireland.

Preview	PDF (Master of Science) Download (4MB) \| Preview
Preview	PDF (Configuration Manual) Download (2MB) \| Preview

Abstract

Modern software deployment has been revolutionized by containerization, with Docker being the most widely adopted containerization platform. However, if not properly inspected, Docker images often retain redundant and superfluous elements that increase the storage needs, transmission overhead, and attack surface. While existing image slimming approaches like δ-SCALPEL have shown great potential in reducing image sizes through static code analysis, their substantial performance bottlenecks prevent them from being widely used in CI/CD processes and real-world implementations. This paper offers an enhanced version of the δ-SCALPEL tool that decreases the execution time by 40% while incorporating vulnerability scanning for security assessment through Trivy. The focus was to improve static code analysis, implement efficient caching mechanisms, and integrate vulnerability scanning. The paper conducts comprehensive comparative experiments using the 20 NPM packages in the original tools' experiments. The experiments were performed on Amazon Web Services (AWS) cloud infrastructure to assess the security posture, slimming efficacy, and performance gains. The results conclude that the enhanced tool dramatically improves processing speed from an average of 8.3 minutes to 4.9 minutes while maintaining the original δ-SCALPEL's highest image size reduction of 61.4%. Furthermore, an integrated vulnerability assessment conducted by Trivy enabled the tool to identify and classify the various CVEs present in the slimmed image. These enhancements respond to growing demands for effective and secure container optimization in automated DevOps workflows and real-world production environments.

Item Type:	Thesis (Masters)
Supervisors:	Name Email Heeney, Sean UNSPECIFIED
Uncontrolled Keywords:	Cloud computing; Docker image slimming; static code analysis; performance optimization; vulnerability scanning; DevSecOps
Subjects:	T Technology > T Technology (General) > Information Technology > Cloud computing Q Science > QA Mathematics > Computer software > Computer Security T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions:	School of Computing > Master of Science in Cloud Computing
Depositing User:	Ciara O'Brien
Date Deposited:	20 Mar 2026 15:40
Last Modified:	20 Mar 2026 15:40
URI:	https://norma.ncirl.ie/id/eprint/9213

Actions (login required)

View Item