Strategies for Malware Defense in Containerized Environments

Authors

  • Sara Hameed Software Engineering Department, Ned University of Engineering and Technology Karachi, Pakistan
  • Usra Sami Computer Engineering Department, Bahria University Karachi, Pakistan
  • Sara Naeem Aslam Software Engineering Department, Ned University of Engineering and Technology Karachi, Pakistan
  • Meerab Tahir Software Engineering Department, Ned University of Engineering and Technology Karachi, Pakistan

Keywords:

Docker, Malware Defense, Vulnerabilities, Data Security

Abstract

Containers were introduced in response to rising problems of portability, compatibility, and scalability when deploying to different environments. Containers are isolated, portable, and efficient ways of running modern applications. Their usefulness as tools, though, has also led to increased cases of insecurity. The conventional ways of container protection were Ubuntu, Clair, Grape, STRIDE, and DREAD frameworks, which relied mostly on vulnerability assessment and threat modelling. However, these measures did not account for the evolving features of container attacks and did not aim at protecting image interfaces and APIs. This paper provides an in-depth analysis of malware attacks and of restricting privileges to non-root users upon malicious identification. This is done to minimize the attack vectors, and includes preferring non-root users, using only up-to-date lightweight base images, and multiple build formations. In this paper, the Trivy tool is implemented for protection against malware attacks. Trivy is an open-source vulnerability scanner that can identify threats and evaluate risks, to avoid misconfigurations and vulnerabilities. This prevents probable attacks by providing a secure and reliable host environment. Therefore, it helps future generations in mitigating the risks associated with working with contained environments and in overcoming any possible future threats.

Published

2024-07-30 — Updated on 2025-12-26

How to Cite

Sara Hameed, Sami, U., Sara Naeem Aslam, & Meerab Tahir. (2025). Strategies for Malware Defense in Containerized Environments. University of Sindh Journal of Information and Communication Technology, 8(1), 39–47. Retrieved from https://sujo.usindh.edu.pk/index.php/USJICT/article/view/7421 (Original work published July 30, 2024)
