1 Ocak 2022 Konferans bildirisi Açık Erişim

Sever, Yigit; Ekinci, Goktug; Dogan, Adnan Harun; Alparslan, Bugra; Gurbuz, Abdurrahman Said; Jabrayilov, Vahab; Angin, Pelin

JSON-LD (schema.org)

{
  "@context": "https://schema.org/", 
  "@id": 253617, 
  "@type": "ScholarlyArticle", 
  "creator": [
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Sever, Yigit"
    }, 
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Ekinci, Goktug"
    }, 
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Dogan, Adnan Harun"
    }, 
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Alparslan, Bugra"
    }, 
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Gurbuz, Abdurrahman Said"
    }, 
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Jabrayilov, Vahab"
    }, 
    {
      "@type": "Person", 
      "affiliation": "Middle East Tech Univ, Dept Comp Engn, Ankara, Turkey", 
      "name": "Angin, Pelin"
    }
  ], 
  "datePublished": "2022-01-01", 
  "description": "Microservices architecture has been praised as a lightweight, modular and robust alternative to monolithic software in recent years with software containerization bringing parallel ideas to the table against bare metal and even virtual machine based software deployment solutions. While containers provide support for agile software development in the cloud, they suffer from security issues due to their lightweight structure not providing isolation as strong as that of virtual machines. This calls for the development of robust intrusion detection systems (IDS) for containers, taking into account their specific vulnerabilities. Existing IDS for containerized software deployments have mainly used host-based syscall monitoring, with only a few utilizing network-based monitoring without justification for the particular sensor used. In this paper, we aim to close this research gap by empirically evaluating the performances of system call and network flow based features in machine learning-based intrusion detection for containers when subjected to the same attacks. Our results show that basing the IDS on the network layer exhibits better performance than the host-based IDS for the investigated vulnerabilities, demonstrating the need for network monitoring for enhanced container security.", 
  "headline": "An Empirical Analysis of IDS Approaches in Container Security", 
  "identifier": 253617, 
  "image": "https://aperta.ulakbim.gov.tr/static/img/logo/aperta_logo_with_icon.svg", 
  "license": "http://www.opendefinition.org/licenses/cc-by", 
  "name": "An Empirical Analysis of IDS Approaches in Container Security", 
  "url": "https://aperta.ulakbim.gov.tr/record/253617"
}