Advances, Systems and Applications
From: CONTAIN4n6: a systematic evaluation of container artifacts
Reference | Platform | Attack Launched | Introspection | File System | System Call | Interface |
---|---|---|---|---|---|---|
Abed et al. [21] | Docker | SQL injection | Yes | No | Yes | No |
SANS InfoSec [22] | Docker | Container escape attack | Only Process ID | No | No | No |
Winkel [24] | Docker | Container escape attack | Only log file | No | Yes | ELK model |
Jian et al. [25] | Docker | Container escape attack | Yes | No | No | No |
Dewald et al. [27] | Docker | No | Yes | Partially | No | No |
Xiang et al. [28] | Docker APIs | No | Yes | Yes | No | No |
Lin et al. [29] | Docker | Privilege escalation attack | No | Partially | No | No |
Williams et al. [30] | Docker | No | Yes (Sysdig tool) | Yes | No | No |
Lu et al. [32] | Docker | File redundancy | Yes | No | No | No |
Awuson et al. [33] | Docker | Trust based issue | Yes | No | No | No |
CONTAIN4n6 | Docker | Privilege escalation attack | Yes | Yes | Yes | Yes |