SELinC : security evaluation of Linux containers

Access full-text files

SANKARANARAYANAN-THESIS-2018.pdf (981.51 KB)

Date

2018-05-03

Authors

Sankaranarayanan, Naveena

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Operating System containers are key to the success of modern datacenters. Containers provide an easy way to encapsulate an application with its operating environment and deliver it seamlessly from development to test to production. Containers ensure consistency in loading the application across a variety of environments including physical servers, virtual machines, private or public clouds. Despite these benefits, containers often invite security concerns. Since containers share the Linux kernel on the host machine, a bug or a vulnerability in the kernel can compromise all the containers on the host machine. This thesis presents a novel model-driven fuzzing technique that can automatically analyze the kernel sources of containers. The proposed technique exposed two unknown bugs in the kernel implementation

Department

Electrical and Computer Engineering

Description

Keywords

Containers, Virtualization, Virtual machines, Kernel vulnerabilities

LCSH Subject Headings

Citation

URI

https://hdl.handle.net/2152/84791
 http://dx.doi.org/10.26153/tsw/11762

Collections

UT Electronic Theses and Dissertations