Mining sandboxes for Linux containers

Mining sandboxes for Linux containers

A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through system call interface. In this paper, we present an approach that mines sandboxes for containers. We first ex...

Full description

Saved in:

Bibliographic Details
Main Authors:	WAN, Zhiyuan, LO, David, XIA, Xin, CAI, Liang, LI, Shanping
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2017
Subjects:	Linux container kernel namespaces resource allocation quota system call interface automatic testing regular functionality performance overhead sandbox mining Software Engineering
Online Access:	https://ink.library.smu.edu.sg/sis_research/4528 https://ink.library.smu.edu.sg/context/sis_research/article/5531/viewcontent/Mining_sandboxes_Linux_av.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Practical and effective sandboxing for Linux containers
by: WAN, Zhiyuan, et al.
Published: (2019)

Automated patch backporting in Linux (experience paper)
by: Shariffdeen, Ridwan, et al.
Published: (2021)

Towards mining comprehensive Android sandboxes
by: LE, Tien-Duy B., et al.
Published: (2018)

Mining sandboxes: Are we there yet?
by: BAO, Lingfeng, et al.
Published: (2018)

Concern localization using information retrieval: An empirical study on Linux kernel
by: Wang, S., et al.
Published: (2013)

A large scale Linux-Kernel based benchmark for feature location research
by: Xing, Z., et al.
Published: (2014)

Concern localization using information retrieval: An empirical study on Linux kernel
by: WANG, Shaowei, et al.
Published: (2011)

MaPa Linux: Manage Pane for Linux
by: Cruz, Yvette Kyla C., et al.
Published: (2005)

Win-to-lin VPD: Windows to linux virtual printer driver
by: Co, Freda P., et al.
Published: (2006)

RESERVATION PROTOCOL AND CLASS BASED QUEUEING ON LINUX
by: IRWIN GUI HARN KEAT
Published: (2020)

Exfilm: Extensible file manager for Linux
by: Chan, Oliver L., et al.
Published: (2005)

Recommending code changes for automatic backporting of Linux device drivers
by: THUNG, Ferdian, et al.
Published: (2016)

Terminal and yard allocation problem for a container transshipment hub with multiple terminals
by: Lee, D.-H., et al.
Published: (2014)

Efficient planning of berth allocation for container terminals in Asia
by: Imai, A., et al.
Published: (2014)

Rethinking the regulatory sandbox for financial innovation: An assessment of the UK and Singapore
by: CHEN, Christopher
Published: (2020)

Perceptions of Chinese People Toward Phuket’s Destination Image and Intention to Visit Phuket: The Influence of Phuket Sandbox Program Implementation
by: Hu, Zhaoxiang
Published: (2023)

A fault recovery mechanism for a QoS-guaranteed multicast routing protocol
by: PENG BIN
Published: (2010)

An adaptive measured-based preassignment scheme with connection-level QoS support for mobile networks
by: Luo, X., et al.
Published: (2014)

Storage yard management for container transshipment terminals
by: JIN JIANGANG
Published: (2013)

Feeder vessel management at container transshipment terminals
by: Lee, D.-H., et al.
Published: (2014)

Feeder vessel management at container transshipment terminals
by: Lee, D.-H., et al.
Published: (2014)

Liner shipping service network design with empty container repositioning
by: Meng, Q., et al.
Published: (2014)

Liner shipping service network design with empty container repositioning
by: Meng, Q., et al.
Published: (2014)

The needs and benefits of applying textual data mining within the product development process
by: Menon, R., et al.
Published: (2014)

The needs and benefits of applying textual data mining within the product development process
by: Menon, R., et al.
Published: (2014)

The continuous Berth Allocation Problem: A Greedy Randomized Adaptive Search Solution
by: Lee, D.-H., et al.
Published: (2014)

JNICodejail - Native code isolation for Java programs
by: Hassanshahi, B., et al.
Published: (2014)

Models and new methods for the quayside operations in port container terminals.
by: CHEN JIANGHANG
Published: (2012)

An approximate dynamic programming approach for the empty container allocation problem
by: Lam, S.-W., et al.
Published: (2014)

Are friends electric? Valuing the social costs of power lines using house prices
by: Tang, Cheng Keat, et al.
Published: (2024)

Sustainability disclosure for container shipping: a text-mining approach
by: Zhou, Yusheng, et al.
Published: (2022)

Secure access control in unix
by: HEMAL NAMDEV RATHOD
Published: (2010)

Golden implementation driven software debugging
by: Banerjee, A., et al.
Published: (2013)

Development of an automated microcontroller-based in-vessel composting system for the household setting
by: Co, Malcolm Andersen H., et al.
Published: (2023)

Application of optimization techniques in container port operations
by: SONG LIYING
Published: (2010)

ON THE TREE AND CLUSTER CONTAINMENT PROBLEMS FOR PHYLOGENETIC NETWORKS
by: ANDREAS DWI MARYANTO GUNAWAN
Published: (2018)

Parallel performance analysis of bacterial biofilm simulation models
by: Sheraton, Muniraj Vivek, et al.
Published: (2019)

The effectiveness of the overhead transparency as a tool in the teaching of high school physics
by: Sotto, Rosario L.
Published: (1983)

Towards a binary integrity system for windows
by: Wu, Y., et al.
Published: (2013)

A project study on the manufacture of glass containers and other allied products
by: Apacible, Renato Y.
Published: (1964)