Open this publication in new window or tab >>Show others...
2022 (English)In: Journal of Systems and Software, ISSN 0164-1212, E-ISSN 1873-1228, Vol. 186, article id 111158Article in journal (Refereed) Published
Abstract [en]
Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach:: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits. © 2021 The Authors
Place, publisher, year, edition, pages
Elsevier Inc., 2022
Keywords
Attack analysis, Container monitoring, Intrusion detection, Security, Software and systems engineering, Virtualization, Containers, Decision support systems, Efficiency, Monitoring, Virtual reality, Continuous development, Different domains, Efficiency and reliability, Intrusion-Detection, It supports, Software and systems engineerings, Virtualizations
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-57895 (URN)10.1016/j.jss.2021.111158 (DOI)2-s2.0-85121691498 (Scopus ID)
Note
Funding details: 2019-03071; Funding text 1: We would like to thank the participants who took a part in the evaluation of CONSERVE. This research was partially supported by the Swedish VINNOVA FFI project CyReV: Cyber Resilience for Vehicles with diary numbers: 2018-05013 (1st phase) and 2019-03071 (2nd phase).
2022-01-102022-01-102024-03-21Bibliographically approved