Xing Gao,Zhongshu Gu,Zhengfa Li,Hani Jamjoom,Cong Wang

DOI: https://doi.org/10.1145/3319535.3354227

2019-01-01

Abstract:Linux Control Groups, i.e., cgroups, are the key building blocks to enable operating-system-level containerization. The cgroups mechanism partitions processes into hierarchical groups and applies different controllers to manage system resources, including CPU, memory, block I/O, etc. Newly spawned child processes automatically copy cgroups attributes from their parents to enforce resource control. Unfortunately, inherited cgroups confinement via process creation does not always guarantee consistent and fair resource accounting. In this paper, we devise a set of exploiting strategies to generate out-of-band>workloads via de-associating processes from their original process groups. The system resources consumed by such workloads will not be charged to the appropriate cgroups. To further demonstrate the feasibility, we present five case studies within Docker containers to demonstrate how to break the resource rein of cgroups in realistic scenarios. Even worse, by exploiting those cgroups' insufficiencies in a multi-tenant container environment, an adversarial container is able to greatly amplify the amount of consumed resources, significantly slow-down other containers on the same host, and gain extra unfair advantages on the system resources. We conduct extensive experiments on both a local testbed and an Amazon EC2 cloud dedicated server. The experimental results demonstrate that a container can consume system resources (e.g., CPU) as much as $200\times$ of its limit, and reduce both computing and I/O performance of particular workloads in other co-resident containers by 95%.

Nanzi Yang,Wenbo Shen,Jinku Li,Yutian Yang,Kangjie Lu,Jietao Xiao,Tianyu Zhou,Chenggang Qin,Wang Yu,Jianfeng Ma,Kui Ren

DOI: https://doi.org/10.1145/3460120.3484744

2021-01-01

Abstract:Due to its faster start-up speed and better resource utilization efficiency, OS-level virtualization has been widely adopted and has become a fundamental technology in cloud computing. Compared to hardware virtualization, OS-level virtualization leverages the shared-kernel design to achieve high efficiency and runs multiple user-space instances (a.k.a., containers) on the shared kernel. However, in this paper, we reveal a new attack surface that is intrinsic to OS-level virtualization, affecting Linux, FreeBSD, and Fuchsia. The root cause is that the shared-kernel design in OS-level virtualization results containers in sharing thousands of kernel variables and data structures directly and indirectly. Without exploiting any kernel vulnerabilities, a non-privileged container can easily exhaust the shared kernel variables and data structure instances to cause DoS attacks against other containers. Compared with the physical resources, these kernel variables or data structure instances (termed abstract resources) are more prevalent but underprotected. To show the importance of confining abstract resources, we conduct abstract resource attacks that target different aspects of the OS kernel. The results show that attacking abstract resources is highly practical and critical. We further conduct a systematic analysis to identify vulnerable abstract resources in the Linux kernel, which successfully detects 1,010 abstract resources and 501 of them can be repeatedly consumed dynamically. We also conduct the attacking experiments in the self-deployed shared-kernel container environments on the top 4 cloud vendors. The results show that all environments are vulnerable to abstract resource attacks. We conclude that containing abstract resources is hard and give out multiple strategies for mitigating the risks.

Nanzi Yang,Wenbo Shen,Jinku Li,Yutian Yang,Kangjie Lu,Jietao Xiao,Tianyu Zhou,Chenggang Qin,Wang Yu,Jianfeng Ma,Kui Ren

DOI: https://doi.org/10.1145/3460120.3484744

2021-01-01

Abstract:Due to its faster start-up speed and better resource utilization efficiency, OS-level virtualization has been widely adopted and has become a fundamental technology in cloud computing. Compared to hardware virtualization, OS-level virtualization leverages the shared-kernel design to achieve high efficiency and runs multiple user-space instances (a.k.a., containers) on the shared kernel. However, in this paper, we reveal a new attack surface that is intrinsic to OS-level virtualization, affecting Linux, FreeBSD, and Fuchsia. The root cause is that the shared-kernel design in OS-level virtualization results containers in sharing thousands of kernel variables and data structures directly and indirectly. Without exploiting any kernel vulnerabilities, a non-privileged container can easily exhaust the shared kernel variables and data structure instances to cause DoS attacks against other containers. Compared with the physical resources, these kernel variables or data structure instances (termed abstract resources) are more prevalent but under-protected. To show the importance of confining abstract resources, we conduct abstract resource attacks that target different aspects of the OS kernel. The results show that attacking abstract resources is highly practical and critical. We further conduct a systematic analysis to identify vulnerable abstract resources in the Linux kernel, which successfully detects 1,010 abstract resources and 501 of them can be repeatedly consumed dynamically. We also conduct the attacking experiments in the self-deployed shared-kernel container environments on the top 4 cloud vendors. The results show that all environments are vulnerable to abstract resource attacks. We conclude that containing abstract resources is hard and give out multiple strategies for mitigating the risks.

Jietao Xiao,Nanzi Yang,Wenbo Shen,Jinku Li,Xin Guo,Zhiqiang Dong,Fei Xie,Jianfeng Ma

2023-01-01

Abstract:People proposed to use virtualization techniques to reinforce the isolation between containers. In the design, each container runs inside a lightweight virtual machine (called microVM). MicroVM-based containers benefit from both the security of microVM and the high efficiency of the container, and thus are widely used on the public cloud. However, in this paper, we demonstrate a new attack surface that can be exploited to break the isolation of the microVM-based container, called operation forwarding attacks. Our key observation is that certain operations of the microVM-based container are forwarded to host system calls and host kernel functions. The attacker can leverage the operation forwarding to exploit the host kernel's vulnerabilities and exhaust host resources. To fully understand the security risk of operation forwarding attacks, we divide the components of the microVM-based container into three layers according to their functionalities and present corresponding attacking strategies to exploit the operation forwarding of each layer. Moreover, we design eight attacks against Kata Containers and Firecracker-based containers and conduct experiments on the local environment, AWS, and Alibaba Cloud. Our results show that the attacker can trigger potential privilege escalation, downgrade 93.4% IO performance and 75.0% CPU performance of the victim container, and even crash the host. We further give security suggestions for mitigating these attacks.

Yi He,Roland Guo,Yunlong Xing,Xijia Che,Kun Sun,Zhuotao Liu,Ke Xu,Qi Li

2023-01-01

Abstract:The extended Berkeley Packet Filter (eBPF) provides powerful and flexible kernel interfaces to extend the kernel functions for user space programs via running bytecode directly in the kernel space. It has been widely used by cloud services to enhance container security, network management, and system observability. However, we discover that the offensive eBPF that has been extensively discussed in Linux hosts can bring new attack surfaces to containers. With eBPF tracing features, attackers can break the container's isolation and attack the host, e.g., steal sensitive data, DoS, and even escape the container. In this paper, we study the eBPF-based cross container attacks and reveal their security impacts in real world services. With eBPF attacks, we successfully compromise five online Jupyter/Interactive Shell services and the Cloud Shell of Google Cloud Platform. Furthermore, we find that the Kubernetes services offered by three leading cloud vendors can be exploited to launch cross-node attacks after the attackers escape the container via eBPF. Specifically, in Alibaba's Kubernetes services, attackers can compromise the whole cluster by abusing their over-privileged cloud metrics or management Pods. Unfortunately, the eBPF attacks on containers are seldom known and can hardly be discovered by existing intrusion detection systems. Also, the existing eBPF permission model cannot confine the eBPF and ensure secure usage in shared-kernel container environments. To this end, we propose a new eBPF permission model to counter the eBPF attacks in containers.

Shouyin Xu,Yuewu Wang,Lingguang Lei,Kun Sun,Jiwu Jing,Siyuan Ma,Jie Wang,Heqing Huang

DOI: https://doi.org/10.1109/tifs.2024.3411915

IF: 7.231

2024-06-22

IEEE Transactions on Information Forensics and Security

Abstract:Container technology is widely adopted due to its features such as light weight and ease of rapid deployment. However, as an OS-level virtualization mechanism, container isolation relies on the kernel's security mechanisms and the kernel permission data (usually non-control flow data) used by these mechanisms. None of the existing mitigation schemes for non-control flow data attacks provide an effective and practical solution to container security since they either trigger too much overhead, have limited effectiveness over attacks launched in specific ways, or can only be used to protect some specific kernel data. In addition, none of them accurately identify the kernel data associated with container isolation. In this paper, we provide a solution called Condo that enhances container isolation by protecting the associated kernel permission data. We first present a generic non-control flow kernel data protection mechanism that protects different types of kernel data uniformly with low overhead and is not limited by attack methods or data types. We then demystify the models of various kernel access control mechanisms in the container environment, and identify the subject and object permission data that are critical to container isolation. Finally, we provide a solution named Condo to enhance container isolation, which is completely transparent to the existing container ecosystem, including containerized applications and container management/orchestration tools such as Docker. Experimental results show that Condo can effectively reduce the compromises of container isolation due to memory corruption attacks with an acceptable overhead.

computer science, theory & methods,engineering, electrical & electronic

Yutian Yang,Wenbo Shen,Bonan Ruan,Wenmao Liu,Kui Ren

DOI: https://doi.org/10.1109/tpsisa52974.2021.00016

2021-01-01

Abstract:In recent years, containerization has become a major trend in the cloud due to its high resource utilization efficiency and convenient DevOps support. However, the complexity of container system also introduces attack surfaces. This paper aims to summarize security challenges in the container cloud. In particular, we first divide the whole container system into different layers according to their functionalities, including the kernel layer, the container layer, and the orchestration layer. We then summarize security-related technologies. After that, we discuss the security challenges for each layer. Finally, we present the current protection status for the container system and highlight future research directions. Our study shows that to improve the container cloud security, we need to design and implement more robust kernel isolation mechanisms, conduct systematic and thorough security analysis on existing container techniques, and develop comprehensive configuration checking tools.

Yutian Yang,Wenbo Shen,Xun Xie,Kangjie Lu,Mingsen Wang,Tianyu Zhou,Chenggang Qin,Wang Yu,Kui Ren

DOI: https://doi.org/10.1145/3564625.3564634

2022-01-01

Abstract:Linux kernel introduces the memory control group (memcg) to account and confine memory usage at the process-level. Due to its flexibility and efficiency, memcg has been widely adopted by container platforms and has become a fundamental technique. While being critical, memory accounting is prone to missing-account bugs due to the diverse memory accounting interfaces and the massive amount of allocation/free paths. To our knowledge, there is still no systematic analysis against the memory missing-account problem, with respect to its security impacts, detection, etc. In this paper, we present the first systematic study on the memory missing-account problem. We first perform an in-depth analysis of its exploitability and security impacts on container platforms. We then develop a tool named MANTA (short for Memory AccouNTing Analyzer), which combines both static and dynamic analysis techniques to detect and validate memory missing-account bugs automatically. Our analysis shows that all container runtimes, including runC and Kata container, are vulnerable to memory missing-accountbased attacks. Moreover, memory missing-account can be exploited to attack the Docker, the CaaS, and the FaaS platforms, leading to memory exhaustion, which crashes individual node or even the whole cluster. Our tool reports 53 exploitable memory missingaccount bugs, 37 of which were confirmed by kernel developers with the corresponding patches submitted, and two new CVEs are assigned. Through the in-depth analysis, automated detection, the reported bugs and the submitted patches, we believe our research improves the correctness and security of memory accounting for container platforms.

Zhiyuan Wan,David Lo,Xin Xia,Liang Cai

DOI: https://doi.org/10.1007/s10664-019-09737-2

IF: 3.762

2019-01-01

Empirical Software Engineering

Abstract:A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through the system call interface. In this paper, we present an approach that mines sandboxes and enables fine-grained sandbox enforcement for containers. We first explore the behavior of a container by running test cases and monitor the accessed system calls including types and arguments during testing. We then characterize the types and arguments of system call invocations and translate them into sandbox rules for the container. The mined sandbox restricts the container’s access to system calls which are not seen during testing and thus reduces the attack surface. In the experiment, our approach requires less than eleven minutes to mine a sandbox for each of the containers. The estimation of system call coverage of sandbox mining ranges from 96.4% to 99.8% across the containers under the limiting assumptions that the test cases are complete and only static system/application paths are used. The enforcement of mined sandboxes incurs low performance overhead. The mined sandboxes effectively reduce the attack surface of containers and can prevent the containers from security breaches in reality.

Haneul Lee,Soonhong Kwon,Jong-Hyouk Lee

DOI: https://doi.org/10.3390/electronics12040940

IF: 2.9

2023-02-16

Electronics

Abstract:Docker has become widely used as an open-source platform for packaging and running applications as containers. It is in the limelight especially at companies and IT developers that provide cloud services thanks to its advantages such as the portability of applications and being lightweight. Docker provides communication between multiple containers through internal network configuration, which makes it easier to configure various services by logically connecting containers to each other, but cyberattacks exploiting the vulnerabilities of the Docker container network, e.g., distributed denial of service (DDoS) and cryptocurrency mining attacks, have recently occurred. In this paper, we experiment with cyberattacks such as ARP spoofing, DDoS, and elevation of privilege attacks to show how attackers can execute various attacks and analyze the results in terms of network traffic, CPU consumption, and malicious reverse shell execution. In addition, by examining the attacks from the network perspective of the Docker container environment, we lay the groundwork for detecting and preventing lateral movement attacks that may occur between the Docker containers.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhiyuan Wan,David Lo,Xin Xia,Liang Cai,Shanping Li

DOI: https://doi.org/10.1109/ICST.2017.16

2017-12-15

Abstract:A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through system call interface. In this paper, we present an approach that mines sandboxes for containers. We first explore the behaviors of a container by leveraging automatic testing, and extract the set of system calls accessed during testing. The set of system calls then results as a sandbox of the container. The mined sandbox restricts the container's access to system calls which are not seen during testing and thus reduces the attack surface. In the experiment, our approach requires less than eleven minutes to mine sandbox for each of the containers. The enforcement of mined sandboxes does not impact the regular functionality of a container and incurs low performance overhead.

Cryptography and Security

Liping Xie,Weichao Wang,Yu Wang

DOI: https://doi.org/10.1109/icc.2019.8761810

2019-01-01

Abstract:Cloud manufacturing (CM) is an open and service-oriented platform that virtualizes distributed design, machining, and assembly resources together in order to provide a seamless, adaptive, and high quality transaction of manufacturing procedures. Despite the results in resource discovery and planning, the research in robustness and security of the systems falls behind in many aspects. The lack of such knowledge puts a serious challenge for the wide deployment and adoption of cloud manufacturing which is naturally connected to the Internet and exposed to cyber attacks. To bridge this gap, we study a specific type of equipment contention attack in cloud manufacturing. Through requesting extra shares of scarce resources, an attacker can gain advantage in competition with other users and reduce the efficiency of the overall system. We design a mechanism to mitigate such attacks through measuring the remaining machining capabilities in the cloud. The cloud administrator can control cost difference between the attacker and subsequent service requesters. Simulations of a mid-size city manufacturing cloud are conducted and the results show that our approach will incur low increases in cost for benign users while discouraging the equipment contention attacks.

Yang Luo,Wu Luo,Xiaoning Sun,Qingni Shen,Anbang Ruan,Zhonghai Wu

DOI: https://doi.org/10.1109/trustcom.2016.0119

2016-01-01

Abstract:Over the last few years, the cloud computing industry has witnessed the wider adoption of the container-based technologies. And it is obvious to see that Docker has become the de facto standard of the container-based approaches. However, the security mechanism of Docker is far from satisfaction owing to its rapid development without adequate security concerns. This paper primarily identifies several possible covert channels against Docker, which causes critical results like information leak between one container and another (or even the host). Furthermore, we also categorizes the Linux capabilities used by Docker into different groups and find a way to identify the misconfiguration of capabilities based on our classification result. We prove false-negative capabilities to be dangerous by finding a covert channel associated with them. The paper also demonstrates how false-positive capabilities are already well restricted by the current isolating mechanism of Docker via a call analysis approach. So these capabilities can be securely granted to the containers. The experimental results indicate that the proposed covert channels can reach a capacity as high as 733.5b/s at the precision no lower than 90%. At last, the paper discusses what could be done when using Docker to increase its level of security.

Wei Liu,Jun Yan,Xingshen Wei,Haiqing Wang,Shishun Zhu

DOI: https://doi.org/10.1109/cieec50170.2021.9510589

2021-05-28

Abstract:In recent years, due to the elastic container technical characteristics and active open source community support, container technology has become an important basic technology for the new digital infrastructure of power. Now, the container technology is very popular and widely used in power cloud platform, but the problem of power system security risk caused by container can’t be ignored. Aiming at the problem of container security, this paper proposes a lightweight container security enhancement framework. Based on the methods of lightweight hardware virtualization isolation, cloud trust, and transparent encryption and decryption of container data, we implemented the container framework in the power cloud platform. Experiments show that the mechanism has played a practical role and has little impact on the business in terms of performance.

Mengqi Zhan,Yang Li,Huiran Yang,Guangxi Yu,Bo Li,Weiping Wang

DOI: https://doi.org/10.1109/tsc.2022.3194266

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Denial of service (DoS) attacks have increasingly exploited vulnerabilities in algorithms or implementation methods in application-layer programs. In this type of attack, called CPU-exhaustion DoS attack, a few well-crafted requests may consume a lot of server resources, which is essentially different from traditional volumetric DoS attacks. Due to the lack of recognizable patterns, the traditional network-layer defense mechanism is usually unable to detect such sophisticated DoS attacks. In this article, we propose Coda, a framework for detecting application-layer CPU-exhaustion DoS attacks in containers. Coda monitors the CPU time consumed by each connection and uses statistical methods to detect attacks. It traces system calls and other related information from the container based on Linux eBPF at the host level. Some specific system calls are used to indicate the establishment and closure of the connection, which in turn indicate the start/end of the request processing. After triggering these specific system calls, Coda starts/ends monitoring the CPU time consumed by a connection. An attack can be detected when the CPU time consumed by an attack connection is statistically different from that consumed by a legitimate connection. Coda has the following key advantages. First, it works with programs built in different programming languages. Second, it remains agnostic to the source code of protected programs. Third, it supports monitoring the container and is transparent to the container. Through evaluation of real-world attacks, we demonstrate that Coda can accurately detect ongoing application-layer CPU-exhaustion DoS attacks with low additional overhead.

computer science, information systems, software engineering

Yulong Wang,Qixu Wang,Xingshu Chen,Dajiang Chen,Xiaojie Fang,Mingyong Yin,Ning Zhang

DOI: https://doi.org/10.1109/tii.2020.3047416

IF: 12.3

2022-05-01

IEEE Transactions on Industrial Informatics

Abstract:As a lightweight, flexible, and high-performance operating system virtualization, containers are used to speed up the big data platform. However, due to the imperfection of the resource isolation mechanism and the property of shared kernel, the meltdown and spectre attacks can lead to information leakage of kernel space and coresident containers. In this article, a noise-resilient and real-time detection system, named ContainerGuard, is proposed to detect meltdown and spectre attacks in the container-based big data platform. ContainerGuard uses a nonintrusive manner to collect lifecycle multivariate time-series performance event data of processes in containers and then uses ensemble of variational autoencoders as generative neural networks to learn the robust representations of normal patterns. Therefore, ContainerGuard meets the urgent need for information protection in the container-based big data platform. Our evaluations using real-world datasets show that ContainerGuard achieves excellent detection performance and only introduces about 4.5% of running performance overhead to the platform.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Kai Chen,Yufei Zhao,Jing Guo,Zhimin Gu,Longxi Han,Keyi Tang

DOI: https://doi.org/10.3390/electronics13234773

IF: 2.9

2024-12-04

Electronics

Abstract:With the rapid advancement in edge computing, container technology has gained widespread adoption. This is due to its lightweight isolation mechanisms, high portability, and fast deployment capabilities. Despite these advantages, container technology also introduces significant security risks. One of the most critical is container escape. However, current detection research is incomplete. Many methods lack comprehensive detection coverage or fail to fully reconstruct the attack process. To address these gaps, this paper proposes a container escape detection method based on a dependency graph. The method uses various nodes and edges to describe diverse system behaviors. This approach enables the detection of a broader range of attack types. It also effectively captures the contextual relationships between system events, facilitating attack traceability and reconstruction. We design a method to identify container processes on the dependency graph through label generation and propagation. Based on this, container escape detection is implemented using file access control within the graph. Experimental results demonstrate the effectiveness of the proposed method in detecting container escapes.

engineering, electrical & electronic,computer science, information systems,physics, applied

Luis Augusto Dias Knob,Matteo Franzil,Domenico Siracusa

2024-01-19

Abstract:Kubernetes (K8s) has grown in popularity over the past few years to become the de-facto standard for container orchestration in cloud-native environments. While research is not new to topics such as containerization and access control security, the Application Programming Interface (API) interactions between K8s and its runtime interfaces have not been studied thoroughly. In particular, the CRI-API is responsible for abstracting the container runtime, managing the creation and lifecycle of containers along with the downloads of the respective images. However, this decoupling of concerns and the abstraction of the container runtime renders K8s unaware of the status of the downloading process of the container images, obstructing the monitoring of the resources allocated to such process. In this paper, we discuss how this lack of status information can be exploited as a Denial of Service attack in a K8s cluster. We show that such attacks can generate up to 95% average CPU usage, prevent downloading new container images, and increase I/O and network usage for a potentially unlimited amount of time. Finally, we propose two possible mitigation strategies: one, implemented as a stopgap solution, and another, requiring more radical architectural changes in the relationship between K8s and the CRI-API.

Cryptography and Security

Mohamed Azab,Bassem Mokhtar,Amr S. Abed,Mohamed Eltoweissy

DOI: https://doi.org/10.48550/arXiv.1611.03065

2016-11-09

Cryptography and Security

Abstract:This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a "predator searching for a prey" search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system that seamlessly monitors containers for indications of intrusions and attacks. To evaluate ESCAPE effectiveness, we simulated the attack avoidance process based on a mathematical model mimicking the prey-vs-predator search game. Simulation results show high container survival probabilities with minimal added overhead.

Weijie Liu,Hongbo Chen,XiaoFeng Wang,Zhi Li,Danfeng Zhang,Wenhao Wang,Haixu Tang

DOI: https://doi.org/10.48550/arXiv.2109.01923

2021-09-05

Abstract:As an emerging technique for confidential computing, trusted execution environment (TEE) receives a lot of attention. To better develop, deploy, and run secure applications on a TEE platform such as Intel's SGX, both academic and industrial teams have devoted much effort to developing reliable and convenient TEE containers. In this paper, we studied the isolation strategies of 15 existing TEE containers to protect secure applications from potentially malicious operating systems (OS) or untrusted applications, using a semi-automatic approach combining a feedback-guided analyzer with manual code review. Our analysis reveals the isolation protection each of these TEE containers enforces, and their security weaknesses. We observe that none of the existing TEE containers can fulfill the goal they set, due to various pitfalls in their design and implementation. We report the lessons learnt from our study for guiding the development of more secure containers, and further discuss the trend of TEE container designs. We also release our analyzer that helps evaluate the container middleware both from the enclave and from the kernel.

Cryptography and Security