Skip to main content

Research Repository

Advanced Search

Experimenting with docker: Linux container and baseos attack surfaces

Mohallel, Amr A.; Bass, Julian; Dehghantaha, Ali

Authors

Amr A. Mohallel

Ali Dehghantaha



Abstract

Linux containers showed great superiority when compared to virtual machines and hypervisors in terms of networking, disk and memory management, start-up and compilation speed, and overall processing performance. In this research, we are questioning whether it is more secure to run services inside Linux containers than running them directly on a host base operating system or not. We used Docker v1.10 to conduct a series of experiments to assess the attack surface of hosts running services inside Docker containers compared to hosts running the same services on the base operating system represented in our paper as Debian Jessie. Our vulnerability assessment shows that using Docker containers increase the attack surface of a given host, not the other way around.

Citation

Mohallel, A. A., Bass, J., & Dehghantaha, A. (2017). Experimenting with docker: Linux container and baseos attack surfaces. . https://doi.org/10.1109/i-Society.2016.7854163

Start Date Oct 10, 2016
End Date Oct 13, 2016
Online Publication Date Feb 16, 2017
Publication Date 2017
Deposit Date Dec 18, 2023
Publisher Institute of Electrical and Electronics Engineers
DOI https://doi.org/10.1109/i-Society.2016.7854163