[confproc]
Z. Jian
/ 2017
/ A Defense Method against Docker Escape Attack
/ Proceedings of the 2017 International Conference on Cryptography, Security and Privacy (ICCSP’17)
: 142~146
[journal]
Sari Sultan
/ 2019
/ Container Security: Issues, Challenges, and the Road Ahead
/ IEEE Access
/ Institute of Electrical and Electronics Engineers (IEEE)
7
: 52976~52996
/ 10.1109/ACCESS.2019.2911732
[web]
/ GVisor
/ https://gvisor.dev
[web]
/ Kata container
/ https://katacontainers.io
[web]
/ Nabla container
/ https://nabla-containers.github.io/
[confproc]
Ethan G. Young
/ 2019
/ The True Cost of Containing: A gVisor Case Study
/ Proceedings of the 11th USENIX Conference on Hot Topics in Cloud Computing(HotCloud’19)
: 16~
[confproc]
Anjali, Tyler Caraza-Harter
/ 2020
/ Blending containers and virtual machines: a study of firecracker and gVisor
/ Proceedings of the 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE’20)
: 101~113
[web]
/ Measuring the Horizontal Attack Profile of Nabla Containers
/ https://blog.hansenpartnership.com/measuring-the-horizontal-attack-profile-of-nabla-containers/
[web]
/ CVE
/ https://cve.mitre.org/
[confproc]
D. Williams
/ 2018
/ Unikernels As Processes
/ Proceedings of the ACM Symposium on Cloud Computing, SoCC ’18
: 199~211
[confproc]
A. Kurmus
/ 2013
/ Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring
/ Proceedings of the 20th Network and Distributed System Security Symposium(NDSS’13)
[confproc]
Y. Li
/ 2017
/ Lock-in-Pop:Securing Privileged Operating System Kernels by Keeping on the Beaten Path
/ Proceedings of In Annual Technical Conference USENIX ATC’17
: 1~13
[confproc]
D. Williams
/ 2018
/ Say goodbye to virtualization for a safer cloud
/ Proc. of USENIX HotCloud
: 20~
[confproc]
A. Agache
/ 2020
/ Firecracker: Lightweight virtualization for serverless applications
/ 17th USENIX Symposium on Networked Systems Design and Implementation (NSDI 20)
: 419~434
[web]
/ ExploitDB
/ https://www.exploit-db.com/
[web]
/ CVSS v2 Calculator
/ https://nvd.nist.gov/vulnmetrics/cvss/v2-calculator
[journal]
T.J. McCabe
/ 1976
/ A Complexity Measure
/ IEEE Transactions on Software Engineering
/ Institute of Electrical and Electronics Engineers (IEEE)
SE-2(4)
: 308~320
/ 10.1109/TSE.1976.233837
[web]
/ Objdump man page
/ https://linux.die.net/man/1/objdump
[web]
/ LTP Project
/ https://github.com/linux-test-project/ltp
[web]
/ Ftrace man page
/ https://linux.die.net/man/1/ftrace
[web]
/ Docker Seccomp Profile
/ https://docs.docker.com/engine/security/seccomp/
[web]
/ GVisor Seccomp Rule
/ https://github.com/google/gvisor/blob/master/runsc/boot/filter/config.go
[confproc]
A. Randazzo
/ 2019
/ Kata Containers: An Emerging Architecture for Enabling MEC Services in Fast and Secure Way
/ Proceedings of the 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS 2019)
: 209~214