A hybrid system call profiling approach for container protection

[PDF] acm.org

Sysxchg: Refining privilege with adaptive system call filters

AJ Gaidis, V Atlidakis, VP Kemerlis - Proceedings of the 2023 ACM …, 2023 - dl.acm.org
We present the design, implementation, and evaluation of SysXCHG: a system call (syscall)
filtering enforcement mechanism that enables programs to run in accordance with the …
被引用次数:8 相关文章 所有 6 个版本
[PDF] ieee.org

Securing the Shared Kernel: Exploring Kernel Isolation and Emerging Challenges in Modern Cloud Computing

S Zehra, HJ Syed, F Samad, U Faseeha… - IEEE …, 2024 - ieeexplore.ieee.org
Containerization is a rapidly advancing technology in cloud computing, facilitating the
seamless development, deployment, and management of applications across diverse …
相关文章 所有 2 个版本
[PDF] springer.com

Optimus: association-based dynamic system call filtering for container attack surface reduction

S Yang, BB Kang, J Nam - Journal of Cloud Computing, 2024 - Springer
While container adoption has witnessed significant growth in facilitating the operation of
large-scale applications, this increased attention has also attracted adversaries who exploit …
被引用次数:5 相关文章 所有 5 个版本