konsthol/Thesis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
87f796098651bbef152ebc9a21a12058f40e0fb8
Thesis/Bibliography.bib

1419 lines
41 KiB
BibTeX
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
@inproceedings{balduzzi2012security,
author = {Balduzzi, Marco and Zaddach, Jonas and Balzarotti, Davide and Kirda, Engin and Loureiro, Sergio},
title = {A Security Analysis of Amazon's Elastic Compute Cloud Service},
year = {2012},
isbn = {9781450308571},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/2245276.2232005},
doi = {10.1145/2245276.2232005},
booktitle = {Proceedings of the 27th Annual ACM Symposium on Applied Computing},
pages = {14271434},
numpages = {8},
keywords = {security, elastic compute cloud service, cloud computing},
location = {Trento, Italy},
series = {SAC '12},
urldate = {2023-12-04},
}
@online{bui2015analysis,
doi = {10.48550/ARXIV.1501.02967},
url = {https://arxiv.org/abs/1501.02967},
author = {Bui, Thanh},
keywords = {Cryptography and Security (cs.CR), FOS: Computer and information sciences, FOS: Computer and information sciences},
title = {Analysis of Docker Security},
publisher = {arXiv},
year = {2015},
copyright = {arXiv.org perpetual, non-exclusive license},
urldate = {2023-06-02},
}
@online{containerHistory,
title = {The evolution of containers: Docker, Kubernetes and the future},
author = {Emily Mell},
year = {2023},
url = {https://www.techtarget.com/searchitoperations/feature/Dive-into-the-decades-long-history-of-container-technology},
urldate = {2023-10-31},
}
@online{chrootCommand,
title = {The chroot command in Linux Beginners Introduction},
author = {Deeptendu Santra},
year = {2021},
url = {https://www.linuxfordevices.com/tutorials/linux/chroot-command-in-linux},
urldate = {2023-04-07},
}
@online{LXCvsDocker,
title = {LXC vs Docker: Which Container Platform Is Right for You?},
author = {Eric Kahuha},
year = {2023},
url = {https://earthly.dev/blog/lxc-vs-docker/},
urldate = {2023-08-05},
}
@online{chrootRestrictions,
title = {Is chroot a security feature?},
author = {March 27, 2013Josh Bressers},
year = {2023},
url = {https://www.redhat.com/en/blog/chroot-security-feature},
urldate = {2023-08-07},
}
@online{LXCvsDocker2,
title = {The Untold Story: Containers Before Docker's Rise - The LXC Revolution},
author = {Dinesh Patil},
year = {2023},
url = {https://www.linkedin.com/pulse/untold-story-containers-before-dockers-rise-lxc-revolution-patil},
urldate = {2023-09-20},
}
@online{Hyperjacking,
title = {What Is Hyperjacking? How to Prevent Hyperjacking on a VM},
author = {Allan Jay Monteclaro},
year = {2023},
url = {https://www.serverwatch.com/virtualization/hyperjacking/},
urldate = {2023-08-20},
}
@online{waterfall,
title = {Waterfall Methodology: A Comprehensive Guide},
author = {ATLASSIAN},
url = {https://www.atlassian.com/agile/project-management/waterfall-methodology},
urldate = {2023-03-26},
}
@online{agile,
title = {What Is Agile Project Management? The Ultimate Guide},
author = {Lee Davis},
year = {2022},
url = {https://www.forbes.com/advisor/business/what-is-agile-project-management/},
urldate = {2023-06-20},
}
@online{devops,
title = {DevOps},
author = {Synopsys},
url = {https://www.synopsys.com/glossary/what-is-devops.html},
urldate = {2023-02-06},
}
@online{cicd,
title = {What is CI/CD?},
author = {GitLab},
url = {https://about.gitlab.com/topics/ci-cd/},
urldate = {2023-03-19},
}
@online{caas,
title = {What is CaaS?},
author = {Sumo Logic},
url = {https://www.sumologic.com/glossary/caas/},
urldate = {2023-05-24},
}
@online{caasVsIaas,
title = {Container as a Service: The Basics and Top 4 Providers},
author = {aquasec},
year = {2023},
url = {https://www.aquasec.com/cloud-native-academy/container-platforms/container-as-a-service/},
urldate = {2023-04-30},
}
@online{howCaasWorks,
title = {The Guide to Containers-as-a-Service (CaaS)},
author = {Karim Traiaia},
year = {2023},
url = {https://www.kerno.io/blog/containers-as-a-service-caas},
urldate = {2023-07-24},
}
@online{multiCloud,
title = {What Is Multi-Cloud? Features, Architecture, Pros \& Cons},
author = {Sarim Javaid},
year = {2023},
url = {https://www.cloudways.com/blog/what-is-multi-cloud/},
urldate = {2023-03-05},
}
@online{containerSecurity,
title = {Containers or virtual machines: Which is more secure? The answer will surprise you},
author = {Steven Vaughan-Nichols},
year = {2018},
url = {https://www.zdnet.com/article/which-is-more-secure-containers-or-virtual-machines-the-answer-will-surprise-you/},
urldate = {2023-08-25},
}
@online{containerSecurityExplained,
title = {Containers and Cloud Security},
author = {James Bottomley},
year = {2018},
url = {https://blog.hansenpartnership.com/containers-and-cloud-security/},
urldate = {2023-07-27},
}
@online{containerEscapeTechniques,
title = {7 Ways to Escape a Container},
author = {Ori Abargil},
year = {2023},
url = {https://www.panoptica.app/research/7-ways-to-escape-a-container},
urldate = {2023-10-23},
}
@online{saasPricingModel,
title = {Our guide to every SaaS pricing model},
author = {vendr},
year = {2022},
url = {https://www.vendr.com/blog/saas-pricing-model#value-based-saas-pricing-models},
urldate = {2023-11-03},
}
@online{paasPricingModel,
title = {PaaS (Platform-as-a-Service) - definition \& overview},
author = {Sumo Logic},
url = {https://www.sumologic.com/glossary/paas/},
urldate = {2023-04-08},
}
@online{cloudDeploymentModels,
title = {An Overview of Cloud Deployment Models},
author = {Intel},
url = {https://www.intel.com/content/www/us/en/cloud-computing/deployment-models.html},
urldate = {2023-07-08},
}
@online{redhatVirtualizationManagement,
title = {What is virtualization management?},
author = {Red Hat},
year = {2018},
url = {https://www.redhat.com/en/topics/virtualization/what-is-virtualization-management},
urldate = {2023-01-11},
}
@online{phoenixnapHypervisors,
title = {What is a Hypervisor? Types of Hypervisors 1 \& 2},
author = {Sofija Simic},
year = {2022},
url = {https://phoenixnap.com/kb/what-is-hypervisor-type-1-2},
urldate = {2023-06-26},
}
@online{amazonHypervisors,
title = {Whats the Difference Between Type 1 and Type 2 Hypervisors?},
author = {Amazon Web Services},
url = {https://aws.amazon.com/compare/the-difference-between-type-1-and-type-2-hypervisors/},
urldate = {2023-01-29},
}
@online{vmfailover,
title = {What Is a Failover? Clustering and Replication Use Cases},
author = {NAKIVO Team},
year = {2023},
url = {https://www.nakivo.com/blog/vm-failover-guide/},
urldate = {2023-10-23},
}
@online{kvm,
title = {What is KVM?},
author = {Red Hat},
year = {2022},
url = {https://www.redhat.com/en/topics/virtualization/what-is-KVM},
urldate = {2023-01-27},
}
@online{dataVirtualization,
title = {Data Virtualization: Process, Components, Benefits, and Available Tools},
author = {altexsoft},
year = {2021},
url = {https://www.altexsoft.com/blog/data-virtualization/},
urldate = {2023-10-07},
}
@online{desktopVirtualization,
title = {What is Desktop Virtualization?},
author = {VMware},
url = {https://www.vmware.com/topics/glossary/content/desktop-virtualization.html},
urldate = {2023-11-11},
}
@online{redhatNFV,
title = {What is NFV?},
author = {Red Hat},
year = {2019},
url = {https://www.redhat.com/en/topics/virtualization/what-is-nfv},
urldate = {2023-08-18},
}
@online{vmwareMemoryVirtualization,
title = {Memory Virtualization},
author = {VMware},
year = {2019},
url = {https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-6E85F6DE-7365-4C28-B902-725D3C76C2E6.html},
urldate = {2023-03-24},
}
@online{codingninjasMemoryVirtualization,
title = {Processor and Memory Virtualization},
author = {Rajat Agrawal},
year = {2023},
url = {https://www.codingninjas.com/studio/library/processor-and-memory-virtualization},
urldate = {2023-12-10},
}
@online{ubackupStorageVirtualization,
title = {What Is Storage Virtualization | Introduction and Implementation},
author = {Crystal},
year = {2022},
url = {https://www.ubackup.com/enterprise-backup/storage-virtualization-jkzbj.html},
urldate = {2023-11-13},
}
@online{unixarenaVirtualization,
title = {Virtualization \& Hypervisor Basic Interview Questions},
author = {LINGESH},
year = {2019},
url = {https://www.unixarena.com/2019/08/virtualization-hypervisor-basic-interview-questions.html/},
urldate = {2023-09-01},
}
@online{cloudinfraStorageVirtualization,
title = {Storage Virtualization in Cloud Computing How it Works (Use Cases)},
author = {Dennis Muvaa},
url = {https://cloudinfrastructureservices.co.uk/storage-virtualization-in-cloud-computing-how-it-works-use-cases/},
urldate = {2023-08-17},
}
@online{tutorialsPointVirtualization,
title = {Virtualization 2.0 - Overview},
author = {Tutorials Point},
url = {https://www.tutorialspoint.com/virtualization2.0/virtualization2.0_overview.htm},
urldate = {2023-02-28},
}
@online{geeksforgeeksApplicationVirtualization,
title = {Virtualisation with Docker Containers},
author = {GeeksforGeeks},
year = {2023},
url = {https://www.geeksforgeeks.org/virtualisation-with-docker-containers/},
urldate = {2023-04-02},
}
@online{mediumVirtualization,
title = {Virtualization in Cloud Computing: Bridging the Gap Between Resources and Efficiency},
author = {TechClaw},
year = {2023},
url = {https://medium.com/@techclaw/virtualization-in-cloud-computing-bridging-the-gap-between-resources-and-efficiency-3c5a9c65981e},
urldate = {2023-11-30},
}
@online{insightsForProfessionalsParavirtualization,
title = {Paravirtualization vs. Full Virtualization: Pros and Cons},
author = {Insights for Professionals},
year = {2022},
url = {https://www.insightsforprofessionals.com/it/data-center/paravirtualization-alternative-full-virtualization},
urldate = {2023-08-23},
}
@online{blackberryParavirtualization,
title = {Paravirtualization},
author = {BlackBerry},
url = {https://blackberry.qnx.com/en/ultimate-guides/automotive-hypervisor/paravirtualization},
urldate = {2023-11-30},
}
@online{serverWatchParavirtualization,
title = {What Is Paravirtualization? Definition and Uses},
author = {Ray Fernandez},
year = {2023},
url = {https://www.serverwatch.com/virtualization/what-is-paravirtualization/},
urldate = {2023-11-13},
}
@online{servermaniaParavirtualization,
title = {What is Paravirtualization in Cloud Computing?},
author = {Milad Karimyar},
year = {2023},
url = {https://blog.servermania.com/what-is-paravirtualization},
urldate = {2023-12-09},
}
@online{vmSnapshots,
title = {Understanding the Correct Use of VM Snapshots},
author = {Nicolette Carklin},
year = {2021},
url = {https://www.parallels.com/blogs/ras/vm-snapshot/},
urldate = {2023-03-25},
}
@online{techtargetHypervisorSecurity,
title = {Virtual security tactics for Type 1 and Type 2 hypervisors},
author = {Stephen J. Bigelow},
year = {2013},
url = {https://www.techtarget.com/searchitoperations/answer/Virtual-security-tactics-for-Type-1-and-Type-2-hypervisors},
urldate = {2023-03-31},
}
@online{hostitsmartMemoryVirtualization,
title = {Memory Virtualization in Cloud Computing},
author = {Host IT Smart},
url = {https://www.hostitsmart.com/blog/memory-virtualization-in-cloud-computing/},
urldate = {2023-08-02},
}
@online{petriMemoryVirtualization,
title = {Intro to Virtualization: Hardware, Software, Memory, Storage, Data and Network Virtualization Defined},
author = {Bill Hill},
year = {2012},
url = {https://petri.com/intro-to-virtualization/},
urldate = {2023-01-13},
}
@online{containerEscapeRepercussions,
title = {5 security concerns when using Docker},
author = {Adrian Mouat},
year = {2016},
url = {https://www.oreilly.com/content/five-security-concerns-when-using-docker/},
urldate = {2023-12-06},
}
@online{kubernetes,
title = {What is Kubernetes?},
author = {Justin Ellingwood},
year = {2018},
url = {https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes},
urldate = {2023-01-21},
}
@online{dockerSwarm,
title = {What is Docker Swarm: Modes, Example and Working},
author = {Simplilearn},
year = {2023},
url = {https://www.simplilearn.com/tutorials/docker-tutorial/docker-swarm},
urldate = {2023-10-14},
}
@online{deviceWhitelistController,
title = {Device Whitelist Controller},
author = {The Linux kernel users and administrators guide},
url = {https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/devices.html},
urldate = {2023-03-26},
}
@online{dockerInherentSecurity,
title = {The Inherent Security Benefits of Docker Containers},
author = {Christopher Tozzi},
year = {2017},
url = {https://cloudnativenow.com/features/security-benefits-docker-containers/},
urldate = {2023-12-10},
}
@online{ibmVirtualizationDefinition,
title = {What is virtualization?},
author = {IBM},
url = {https://www.ibm.com/topics/virtualization},
urldate = {2023-02-20},
}
@online{redhatVirtualization,
title = {What is virtualization?},
author = {Red Hat},
year = {2018},
url = {https://www.redhat.com/en/topics/virtualization/what-is-virtualization},
urldate = {2023-05-21},
}
@online{suseParavirtualizationDefinition,
title = {Paravirtualization},
author = {SUSE},
url = {https://www.suse.com/suse-defines/definition/paravirtualization/},
urldate = {2023-06-09},
}
@online{geeksforgeeksParavirtualizationDefinition,
title = {Difference between Full Virtualization and Paravirtualization},
author = {GeeksforGeeks},
year = {2022},
url = {https://www.geeksforgeeks.org/difference-between-full-virtualization-and-paravirtualization/},
urldate = {2023-04-25},
}
@online{geeksforgeeksHardwareAssistedVirtualization,
title = {Hardware Based Virtualization},
author = {GeeksforGeeks},
url = {https://www.geeksforgeeks.org/hardware-based-virtualization/},
urldate = {2023-03-29},
}
@online{sysdigContainerRuntime,
title = {What are Container Runtimes?},
author = {Sysdig},
url = {https://sysdig.com/learn-cloud-native/container-security/what-are-container-runtimes/},
urldate = {2023-01-25},
}
@online{codemotionContainerImages,
title = {Container Images: Technical Refresher and Security Best Practices},
author = {Gilad David Maayan},
year = {2023},
url = {https://www.codemotion.com/magazine/cybersecurity/container-images-technical-refresher-and-security-best-practices/},
urldate = {2023-10-28},
}
@online{teimouriOsVirtualizationDefinition,
title = {Operating-system-level virtualization},
author = {Davoud Teimouri},
year = {2017},
url = {https://www.teimouri.net/operating-system-level-virtualization/},
urldate = {2023-01-06},
}
@online{webopediaOsVirtualizationDefinition,
title = {Operating System-Level Virtualization},
author = {Vangie Beal},
year = {2021},
url = {https://www.webopedia.com/definitions/operating-system-level-virtualization/},
urldate = {2023-09-24},
}
@online{ParavirtualizationSecurity,
title = {Why Your Virtual Servers May be More Secure Than Their Physical Counterparts},
author = {Andrew Mallett},
year = {2019},
url = {https://ine.com/blog/why-your-virtual-servers-may-be-more-secure-than-their-physical-counterparts},
urldate = {2023-03-11},
}
@online{ParavirtualizationVmware,
title = {Understanding Full Virtualization, Paravirtualization and Hardware Assisted Virtualization},
author = {VMware},
year = {2007},
url = {https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/VMware_paravirtualization.pdf},
urldate = {2023-03-23},
}
@online{awsMicroservices,
title = {What are Microservices?},
author = {AWS},
url = {https://aws.amazon.com/microservices/},
urldate = {2023-11-19},
}
@online{cloudzeroScalability,
title = {Horizontal Vs. Vertical Scaling: How Do They Compare?},
author = {Cody Slingerland},
year = {2023},
url = {https://www.cloudzero.com/blog/horizontal-vs-vertical-scaling/},
urldate = {2023-05-08},
}
@online{abacusFullParaOSVirtualization,
title = {Three Types of Server Virtualization Explained},
author = {Abacus},
url = {https://goabacus.com/three-types-of-server-virtualization-explained/},
urldate = {2023-11-29},
}
@online{ibmHypervisorDefinition,
title = {What are hypervisors?},
author = {IBM},
url = {https://www.ibm.com/topics/hypervisors},
urldate = {2023-03-31},
}
@online{ibmContainerizationDefinition,
title = {What is containerization?},
author = {IBM},
url = {https://www.ibm.com/topics/containerization},
urldate = {2023-11-29},
}
@online{ibmContainerSurvey,
title = {Containers in the enterprise},
author = {IBM},
year = {2020},
url = {https://www.ibm.com/downloads/cas/VG8KRPRM},
urldate = {2023-12-08},
}
@online{ibmContainerVsVm,
title = {Containers vs. Virtual Machines (VMs): Whats the Difference?},
author = {IBM},
year = {2021},
url = {https://www.ibm.com/blog/containers-vs-vms/},
urldate = {2023-11-17},
}
@online{ciaTriad,
title = {What is the CIA triad (confidentiality, integrity and availability)?},
author = {Wesley Chai},
year = {2023},
url = {https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA},
urldate = {2023-11-11},
}
@online{redhatVirtualizationDefinition,
title = {Understanding virtualization},
author = {Red Hat},
year = {2018},
url = {https://www.redhat.com/en/topics/virtualization},
urldate = {2023-08-11},
}
@online{redhatContainerVsVm,
title = {Containers vs VMs},
author = {Red Hat},
year = {2020},
url = {https://www.redhat.com/en/topics/containers/containers-vs-vms},
urldate = {2023-06-02},
}
@online{dockerAlternatives,
title = {What Are The Best Docker Alternatives in 2022?},
author = {Cody Slingerland},
year = {2022},
url = {https://www.cloudzero.com/blog/docker-alternatives/},
urldate = {2023-06-07},
}
@article{yasrab2018mitigating,
title = {Mitigating docker security issues},
author = {Yasrab, Robail},
year = {2023},
journal = {arXiv preprint arXiv:1804.05039},
urldate = {2023-07-29},
}
@article{mell2011nist,
title = {The NIST Definition of Cloud Computing},
author = {Peter Mell and Timothy Grance},
year = {2011},
month = {09},
publisher = {Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD},
doi = {https://doi.org/10.6028/NIST.SP.800-145},
language = {en},
urldate = {2023-11-12},
}
@inproceedings{reshetova2014security,
title = {Security of OS-level virtualization technologies},
author = {Reshetova, Elena and Karhunen, Janne and Nyman, Thomas and Asokan, N},
booktitle = {Nordic Conference on Secure IT Systems},
pages = {77--93},
year = {2014},
organization = {Springer},
urldate = {2023-08-01},
}
@online{enisaSecurityOfVirtualization,
title = {Security aspects of virtualization},
author = {ENISA},
year = {2017},
url = {https://www.enisa.europa.eu/publications/security-aspects-of-virtualization},
urldate = {2023-10-14},
}
@article{arif2015virtualization,
title = {Virtualization security: analysis and open challenges},
author = {Arif, Muhammad and Shakeel, Haroon},
journal = {International Journal of Hybrid Information Technology},
volume = {8},
number = {2},
pages = {237--246},
year = {2015},
urldate = {2023-09-30},
}
@inproceedings{wen2008sevmm,
title = {Sevmm: Vmm-based security control model},
author = {Wen-Zhi, Chen and Hong-Wei, Zhu and Wei, Huang},
booktitle = {2008 International Conference on Cyberworlds},
pages = {820--823},
year = {2008},
organization = {IEEE},
urldate = {2023-02-14},
}
@inproceedings{virtualizationSecurity,
author = {Sane, Bernard and Niang, Ibrahima and Fall, Doudou},
year = {2018},
month = {12},
pages = {1317-1322},
title = {A Review of Virtualization, Hypervisor and VM Allocation Security: Threats, Vulnerabilities, and Countermeasures},
doi = {10.1109/CSCI46756.2018.00255},
urldate = {2023-06-13},
}
@article{Aalam_2021,
doi = {10.1088/1742-6596/1950/1/012027},
url = {https://dx.doi.org/10.1088/1742-6596/1950/1/012027},
year = {2021},
month = {aug},
publisher = {IOP Publishing},
volume = {1950},
number = {1},
pages = {012027},
author = {Zunaid Aalam and Vinod Kumar and Surendra Gour},
title = {A review paper on hypervisor and virtual machine security},
journal = {Journal of Physics: Conference Series},
urldate = {2023-04-20},
}
@online{geeksforgeeksVirtualizationSecurityGoodPractices,
title = {Hypervisor Security in Cloud Computing},
author = {GeeksforGeeks},
year = {2023},
url = {https://www.geeksforgeeks.org/hypervisor-security-in-cloud-computing/},
urldate = {2023-07-07},
}
@online{accessAuthorizationPlugin,
title = {Access authorization plugin},
author = {Docker},
url = {https://docs.docker.com/engine/extend/plugins_authorization/#access-authorization-plugin},
urldate = {2023-05-25},
}
@online{podman,
title = {What is Podman?},
author = {Red Hat},
year = {2022},
url = {https://www.redhat.com/en/topics/containers/what-is-podman},
urldate = {2023-05-01},
}
@online{containerdRunc,
title = {The differences between Docker, containerd, CRI-O and runC},
author = {Tom Donohue},
year = {2023},
url = {https://www.tutorialworks.com/difference-docker-containerd-runc-crio-oci/},
urldate = {2023-05-13},
}
@online{containerOSlimitations,
title = {Virtualization vs. Containerization — Comparing Differences},
author = {Liquid Web},
year = {2023},
url = {https://www.liquidweb.com/kb/virtualization-vs-containerization/},
urldate = {2023-12-10},
}
@online{applicationContainerization,
title = {Containerized Applications Overview},
author = {Knowledge Center},
url = {https://www.datadoghq.com/knowledge-center/containerized-applications/},
urldate = {2023-10-29},
}
@online{selinux,
title = {What is SELinux?},
author = {Red Hat},
year = {2019},
url = {https://www.redhat.com/en/topics/linux/what-is-selinux},
urldate = {2023-04-08},
}
@online{seccomp,
title = {Improving Linux container security with seccomp},
author = {Valentin Rothberg},
year = {2020},
url = {https://www.redhat.com/sysadmin/container-security-seccomp},
urldate = {2023-07-11},
}
@online{vulsArchitecture,
title = {Vuls Architecture},
author = {future-architect},
url = {https://vuls.io/docs/en/architecture-remote-scan.html},
urldate = {2023-12-05},
}
@online{vulsDeepScan,
title = {Fast-Root Scan},
author = {Vuls},
url = {https://vuls.io/docs/en/architecture-fast-root-scan.html},
urldate = {2023-12-05},
}
@online{libcloudProviders,
title = {Apache Libcloud - Supported Providers},
author = {The Apache Software Foundation},
url = {https://libcloud.readthedocs.io/en/stable/compute/supported_providers.html},
urldate = {2023-08-07},
}
@article{litchfield2016virtualization,
title={Virtualization technology: Cross-vm cache side channel attacks make it vulnerable},
author={Litchfield, Alan and Shahzad, Abid},
journal={arXiv preprint arXiv:1606.01356},
year={2016},
urldate = {2024-02-04},
}
@inproceedings{zhang2012crossvmkeys,
author = {Zhang, Yinqian and Juels, Ari and Reiter, Michael K. and Ristenpart, Thomas},
title = {Cross-VM side channels and their use to extract private keys},
year = {2012},
isbn = {9781450316514},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/2382196.2382230},
doi = {10.1145/2382196.2382230},
booktitle = {Proceedings of the 2012 ACM Conference on Computer and Communications Security},
pages = {305316},
numpages = {12},
keywords = {cache-based side channel, cross-vm side channel, side-channel attack},
location = {Raleigh, North Carolina, USA},
series = {CCS '12},
urldate = {2024-02-04},
}
@inproceedings{vmrollbackattack,
author = {Xia, Yubin and Liu, Yutao and Chen, Haibo and Zang, Binyu},
year = {2012},
month = {06},
pages = {1-5},
title = {Defending against VM rollback attack},
isbn = {978-1-4673-2264-5},
doi = {10.1109/DSNW.2012.6264690},
urldate = {2024-02-04},
}
@online{technopediaVmHopping,
title = {Virtual Machine Hyper Jumping},
author = {Margaret Rouse},
year = {2015},
url = {https://www.techopedia.com/definition/30921/virtual-machine-hyper-jumping-vm-jumping},
urldate = {2024-02-04},
}
@article{abusaimeh2020virtual,
title = {Virtual machine escape in cloud computing services},
author = {Abusaimeh, Hesham},
journal = {International Journal of Advanced Computer Science and Applications},
volume = {11},
number = {7},
year = {2020},
publisher = {Science and Information (SAI) Organization Limited},
urldate = {2024-02-04},
}
@online{containersVsVMs,
title = {A Complete Overview of Docker Architecture},
author = {Winnie Ondara},
year = {2022},
url = {https://www.cherryservers.com/blog/a-complete-overview-of-docker-architecture},
urldate = {2024-02-08},
}
@online{containerRuntime,
title = {What are Container Runtimes?},
author = {Nived Velayudhan},
year = {2021},
url = {https://opensource.com/article/21/9/container-runtimes},
urldate = {2024-02-11},
}
@online{kernexpcgroup,
title = {New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container},
author = {Ravie Lakshmanan},
year = {2022},
url = {https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html},
urldate = {2024-02-11},
}
@online{dirtyPipe,
title = {Escaping containers using the Dirty Pipe vulnerability},
author = {Eric Mountain and Tommy McCormick and Christophe Tafani-Dereeper and Frederic Baguelin},
year = {2022},
url = {https://securitylabs.datadoghq.com/articles/dirty-pipe-container-escape-poc/},
urldate = {2024-02-11},
}
@online{dockermitm,
title = {Top Docker Security Vulnerabilities, Best Practices, \& Insights},
author = {Fortra's Alert Logic},
year = {2020},
url = {https://www.alertlogic.com/blog/top-docker-security-vulnerabilities-best-practices-insights/},
urldate = {2024-02-11},
}
@online{arpdocker,
title = {ARP Spoofing},
author = {Imperva},
url = {https://www.imperva.com/learn/application-security/arp-spoofing/},
urldate = {2024-02-12},
}
@online{tui,
title = {Linux Jargon Buster: What are GUI, CLI and TUI in Linux?},
author = {Abhishek Prakash},
year = {2024},
publisher = {It's FOSS},
url = {https://itsfoss.com/gui-cli-tui/},
urldate = {2024-02-28},
}
@online{lynis,
title = {Lynis},
author = {CISOfy},
url = {https://cisofy.com/lynis/},
}
urldate = {2023-12-06},
@online{docker-rootless-setup,
title = {Docker-Rootless Full Setup},
author = {zerint},
url = {https://github.com/zerint/docker-rootless-setup},
}
@online{docksec,
title = {docksec},
author = {Ted LeRoy},
url = {https://github.com/TedLeRoy/docksec},
}
@online{docker-bench-security,
title = {Docker Bench for Security},
author = {Docker},
url = {https://github.com/docker/docker-bench-security},
}
@online{lunar,
title = {Lunar},
author = {Lateral Blast},
url = {https://github.com/lateralblast/lunar},
}
urldate = {2023-12-06},
@online{vulsrepo,
title = {VulsRepo},
author = {ishiDACo},
url = {https://github.com/ishiDACo/vulsrepo},
}
urldate = {2023-12-06},
@online{awst3micro,
title = {Amazon EC2 T3 Instances},
author = {Amazon Web Services},
url = {https://aws.amazon.com/ec2/instance-types/t3/},
}
urldate = {2023-12-07},
@online{vantaget3micro,
title = {t3.micro},
author = {Vantage},
url = {https://instances.vantage.sh/aws/ec2/t3.micro},
}
urldate = {2023-12-07},
@online{watchtower,
title = {Watchtower},
author = {Containrrr},
url = {https://containrrr.dev/watchtower/},
}
urldate = {2023-11-10},
@online{portainer,
title = {Portainer},
author = {Portainer},
url = {https://www.portainer.io/},
}
@online{secdep,
title = {SecDep},
author = {konsthol},
year = {2023},
url = {https://git.konsthol.eu/konsthol/SecDep},
}
urldate = {2023-09-28},
@online{pip,
title = {The Python package installer},
author = {pypa},
url = {https://github.com/pypa/pip},
}
urldate = {2023-08-12},
@online{libcloud,
title = {Apache Libcloud},
author = {The Apache Software Foundation},
url = {https://libcloud.apache.org/},
}
urldate = {2023-12-03},
@online{apache,
title = {Apache},
author = {The Apache Software Foundation},
url = {https://www.apache.org/},
}
urldate = {2023-08-07},
@online{jclouds,
title = {Apache jclouds},
author = {The Apache Software Foundation},
url = {https://jclouds.apache.org/},
}
urldate = {2023-07-26},
@online{java,
title = {Java},
author = {Oracle},
url = {https://www.java.com/en/},
}
urldate = {2023-09-15},
@online{python,
title = {Python},
author = {Python Software Foundation},
url = {https://www.python.org/},
}
urldate = {2023-04-12},
@online{azure-mgmt-network,
title = {Microsoft Azure SDK for Python},
author = {Microsoft},
url = {https://pypi.org/project/azure-mgmt-network/},
}
urldate = {2023-02-12},
@online{azure-mgmt-resource,
title = {Microsoft Azure SDK for Python},
author = {Microsoft},
url = {https://pypi.org/project/azure-mgmt-resource/},
}
urldate = {2023-05-21},
@online{yuml,
title = {yUML},
author = {yUML},
url = {https://yuml.me/},
}
urldate = {2023-12-30},
@online{libcloud-cli,
title = {libcloud-cli},
author = {Terradue},
url = {https://github.com/Terradue/libcloud-cli},
}
urldate = {2023-08-31},
@online{jshielder,
title = {JShielder},
author = {Jsitech},
url = {https://github.com/Jsitech/JShielder},
}
urldate = {2023-12-05},
@online{nixarmor,
title = {nixarmor},
author = {Emir Ozer},
url = {https://github.com/emirozer/nixarmor},
}
urldate = {2023-12-05},
@online{ubuntu,
title = {Ubuntu},
author = {Canonical},
url = {https://ubuntu.com/},
}
urldate = {2023-12-30},
@online{debian,
title = {Debian},
author = {Debian},
url = {https://www.debian.org/},
}
urldate = {2023-12-30},
@online{centos,
title = {CentOS},
author = {CentOS},
url = {https://www.centos.org/},
}
urldate = {2023-12-30},
@online{fedora,
title = {Fedora},
author = {Fedora},
url = {https://fedoraproject.org/},
}
urldate = {2023-12-30},
@online{redhat,
title = {Red Hat},
author = {Red Hat},
url = {https://www.redhat.com/},
}
urldate = {2023-12-30},
@online{opensuse,
title = {openSUSE},
author = {openSUSE},
url = {https://www.opensuse.org/},
}
urldate = {2023-12-30},
@online{mermaid,
title = {Mermaid},
author = {Mermaid},
url = {https://mermaid.live/},
}
urldate = {2024-01-05},
@online{code2flow,
title = {code2flow},
author = {Scott Rogowski},
url = {https://github.com/scottrogowski/code2flow},
}
urldate = {2024-01-05},
@online{callGraph,
title = {callGraph},
author = {Chris Koknat},
url = {https://github.com/koknat/callGraph},
}
urldate = {2024-01-05},
@online{pydeps,
title = {pydeps},
author = {Bjorn},
url = {https://github.com/thebjorn/pydeps},
}
urldate = {2024-01-05},
@online{doxygen,
title = {Doxygen},
author = {Dimitri van Heesch},
url = {https://github.com/doxygen/doxygen},
}
urldate = {2024-01-05},
@online{mysql,
title = {MySQL},
author = {Oracle},
url = {https://www.mysql.com/},
}
urldate = {2024-01-05},
@online{nginx,
title = {NGINX},
author = {NGINX},
url = {https://nginx.org/en/},
}
urldate = {2024-01-05},
@online{LXC,
title = {What's LXC?},
author = {Linux Containers},
url = {https://linuxcontainers.org/lxc/introduction/},
}
urldate = {2023-02-02},
@online{dockerhub,
title = {Build and Ship any Application Anywhere},
author = {Docker},
url = {https://hub.docker.com/},
}
urldate = {2023-04-06},
@online{quay,
title = {Quay builds, analyzes, distributes your container images},
author = {Red Hat},
url = {https://quay.io/},
}
urldate = {2023-11-16},
@online{oci,
title = {Open Container Initiative},
author = {The Linux Foundation},
url = {https://opencontainers.org/},
}
urldate = {2023-04-08},
@online{gVisor,
title = {The Container Security Platform},
author = {Google},
url = {https://gvisor.dev/},
}
urldate = {2023-09-25},
@online{ansible,
title = {Ansible},
author = {Red Hat},
url = {https://www.ansible.com/},
}
urldate = {2023-11-23},
@online{terraform,
title = {Terraform},
author = {HashiCorp},
url = {https://www.terraform.io/},
}
urldate = {2023-09-19},
@online{AkihiroSuda,
author = {Akihiro Suda},
title = {rootlesskit},
year = {2020},
publisher = {GitHub},
journal = {GitHub repository},
url = {https://github.com/rootless-containers/rootlesskit},
}
urldate = {2023-07-18},
@online{apparmor,
title = {AppArmor},
author = {AppArmor},
url = {https://apparmor.net/},
}
urldate = {2023-02-06},
@online{vuls,
title = {Vuls},
author = {Kota Kanbe},
url = {https://vuls.io/},
}
urldate = {2023-12-05},
@online{vulsGithubPage,
title = {Vuls},
author = {future-architect},
url = {https://github.com/future-architect/vuls},
}
urldate = {2023-06-28},
@online{rkt,
title = {rkt},
author = {rkt},
url = {https://github.com/rkt/rkt},
}
@online{snyk,
title = {Snyk},
author = {Snyk},
url = {https://snyk.io/},
}
@online{trivy,
title = {Trivy},
author = {Aqua Security},
url = {https://aquasecurity.github.io/trivy/v0.49/},
}
@online{dotenv,
title = {python-dotenv},
author = {Saurabh Kumar},
url = {https://github.com/theskumar/python-dotenv},
}
@online{rich,
title = {rich},
author = {Textualize},
url = {https://github.com/Textualize/rich},
}
@online{shtab,
title = {shtab},
author = {Iterative},
url = {https://github.com/iterative/shtab},
}
@online{paramiko,
title = {paramiko},
author = {paramiko},
url = {https://github.com/paramiko/paramiko},
}
@online{dockerCompose,
title = {Docker Compose},
author = {Docker},
url = {https://github.com/docker/compose},
}
@online{pydoctrace,
title = {pydoctrace},
author = {Luc Sorel-Giffo},
url = {https://github.com/lucsorel/pydoctrace},
}
@online{plantuml,
title = {PlantUML},
author = {PlantUML},
url = {https://github.com/plantuml/plantuml},
}
@online{htop,
title = {htop},
author = {Hisham Muhammad},
url = {https://htop.dev/},
}
urldate = {2024-02-28},
@online{vim,
title = {Vim},
author = {Bram Moolenaar},
url = {https://github.com/vim/vim},
}
@online{CIS,
title = {CIS},
author = {CIS},
url = {https://www.cisecurity.org/},
}
inproceedings{manu2016study,
author = {Manu, A.R. and Patel, Jitendra Kumar and Akhtar, Shakil and Agrawal, V.K. and Subramanya Murthy, K.N. Bala},
booktitle = {2016 International Conference on Circuit, Power and Computing Technologies (ICCPCT)},
title = {A study, analysis and deep dive on cloud PAAS security in terms of Docker container security},
year = {2016},
volume = {},
number = {},
pages = {1-13},
doi = {10.1109/ICCPCT.2016.7530284},
urldate = {2023-08-07},
}
inproceedings{wenhao2020vulnerability,
author = {Wenhao, Jiang and Zheng, Li},
booktitle = {2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)},
title = {Vulnerability Analysis and Security Research of Docker Container},
year = {2020},
volume = {},
number = {},
pages = {354-357},
doi = {10.1109/ICISCAE51034.2020.9236837},
urldate = {2023-03-10},
}
article{combe2016docker,
author = {Combe, Theo and Martin, Antony and Di Pietro, Roberto},
journal = {IEEE Cloud Computing},
title = {To Docker or Not to Docker: A Security Perspective},
year = {2016},
volume = {3},
number = {5},
pages = {54-62},
keywords = {},
doi = {10.1109/MCC.2016.100},
ISSN = {2325-6095},
month = {Sep.},
urldate = {2023-11-07},
}
inproceedings{loukidis2018docker,
author = {Loukidis-Andreou, Fotis and Giannakopoulos, Ioannis and Doka, Katerina and Koziris, Nectarios},
booktitle = {2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS)},
title = {Docker-Sec: A Fully Automated Container Security Enhancement Mechanism},
year = {2018},
volume = {},
number = {},
pages = {1561-1564},
doi = {10.1109/ICDCS.2018.00169},
urldate = {2023-01-07},
}
inproceedings{mp2016enhancing,
author = {Amith Raj MP and Kumar, Ashok and Pai, Sahithya J and Gopal, Ashika},
booktitle = {2016 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)},
title = {Enhancing security of Docker using Linux hardening techniques},
year = {2016},
volume = {},
number = {},
pages = {94-99},
doi = {10.1109/ICATCCT.2016.7911971},
urldate = {2023-07-25},
}
article{jogi2017establishing,
title = {Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance},
author = {Jogi, Martin},
journal = {University of Tartu, Tartu},
year = {2017},
urldate = {2023-04-06},
}
article{kaur2014hardening,
title = {Hardening OS Identity by Customised Masking Techniques},
author = {Kaur, Ratinder and Singh, Maninder},
journal = {Thapar University, Punjab, India},
year = {2014},
urldate = {2023-03-31},
}
article{zhu2021lic,
title = {Lic-Sec: An enhanced AppArmor Docker security profile generator},
journal = {Journal of Information Security and Applications},
volume = {61},
pages = {102924},
year = {2021},
issn = {2214-2126},
doi = {https://doi.org/10.1016/j.jisa.2021.102924},
url = {https://www.sciencedirect.com/science/article/pii/S2214212621001435},
author = {Hui Zhu and Christian Gehrmann},
keywords = {Docker-sec, LiCShield, Lic-Sec, Container, Security evaluation, Docker},
urldate = {2023-02-22},
}
misc{John2020OS,
title = {OS Hardening - Making systems more secure},
author = {John Ostrowski},
year = {2020},
urldate = {2023-12-09},
}
online{SIDDARTH201910simple,
title = {10 Simple Steps to Harden Your Docker Containers},
author = {SIDDARTH SENTHILKUMAR},
url = {https://sidsbits.com/10-Simple-Steps-to-Harden-Docker-Containers/},
year = {2019},
urldate = {2023-10-04},
}
online{vmblogParavirtualization,
title = {What Are the Benefits of Paravirtualization?},
author = {David Marshall},
year = {2019},
url = {https://vmblog.com/archive/2019/07/23/what-are-the-benefits-of-paravirtualization.aspx},
urldate = {2023-01-26},
}
online{Yathi2017Hardening,
title = {Hardening Docker containers, images, and host - security toolkit},
author = {Yathi Naik},
year = {2017},
url = {https://cloud.redhat.com/blog/hardening-docker-containers-images-and-host-security-toolkit},
urldate = {2023-08-04},
}
online{StackRox2019Docker,
title = {Docker Container Security 101: Risks and 33 Best Practices},
author = {StackRox},
year = {2019},
url = {https://www.stackrox.io/blog/docker-security-101/},
urldate = {2023-10-15},
}
online{Marcin2019Hardening,
title = {Hardening Docker Quick Tips},
author = {Marcin Teodorczyk},
year = {2019},
url = {https://medium.com/intive-developers/hardening-docker-quick-tips-54ca9c283964},
urldate = {2023-08-19},
}
online{redhatContainerRuntime,
title = {How Kubernetes creates and runs containers: An illustrated guide},
author = {Bob Reselman},
year = {2022},
url = {https://www.redhat.com/architect/how-kubernetes-creates-runs-containers},
urldate = {2023-09-08},
}
online{osVirtualizationInfo,
title = {OS-Level Virtualization},
author = {Vikas Jain, Vibha Goyal, Nitin Kundapur Bhat},
year = {2016},
url = {https://courses.engr.illinois.edu/cs423/sp2016/lectures/VirtOS.pdf},
urldate = {2023-11-18},
}
Reference in New Issue View Git Blame Copy Permalink