Unlock instant, AI-driven research and patent intelligence for your innovation.

A security detection method and system for kubernetes cloud-native applications

A security detection and native application technology, applied in the field of cloud computing, can solve the problems of lagging Kubernetes security research and lack of Kubernetes static security detection solutions

Active Publication Date: 2020-08-04
中国东盟信息港股份有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, as an emerging technology, the security research related to containers and Kubernetes is relatively lagging behind, so that the Kubernetes cloud platform is also facing more and more attacks and threats
At present, there is still no static security detection solution for cloud-native applications of Kubernetes, and it completely relies on manual inspection by operation and maintenance personnel based on experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A security detection method and system for kubernetes cloud-native applications
  • A security detection method and system for kubernetes cloud-native applications
  • A security detection method and system for kubernetes cloud-native applications

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The specific implementation of the invention will be further described below in conjunction with the accompanying drawings.

[0043] Different from conventional file scanning of traditional security software, in a container image, each image contains several layers, and each layer is marked with a special identifier. Based on the identifier of the image layer, the detection of malicious containers can be performed more quickly. Effectively locate malicious applications, which is what traditional security software lacks in the cloud-native era. The Chart application contains the necessary information to create an application instance of Kubernetes. The Chart application implements the packaging of Kubernetes resources, and can be used to install or uninstall applications in the Kubernetes cluster.

[0044] Such as figure 1 , figure 2 As shown, a security detection method for Kubernetes cloud-native applications includes the following steps:

[0045] S1. Configuration...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security detection method and system for a Kubernetes cloud native application, and belongs to the technical field of cloud computing. The safety detection method provided bythe invention mainly comprises the following steps of configuration information initialization, loading information base, scanning an application library, carrying out the format identification and package determination, unpacking and identifying file categories; carrying out the malicious mirror detection, feature recognition, inspection and collection of integrated report content. By sequentially scanning and identifying whether each resource in a Clart uses a malicious mirror image or not; requesting suspicious resources, applying too large resources, having suspicious connection and the like, then performing comparative analysis, and judging the legality or trust value of an application according to a comparison result and a corresponding project weight value, the purpose of securitydetection is achieved. According to the method, a mode of scanning according to various resource types in the kubernetes chart application is provided, the blank that the kubernetes cloud platform hasno application security scanning is filled, and the method has the advantages that the detection efficiency and the detection accuracy are both remarkably improved.

Description

technical field [0001] The invention relates to a security detection method, in particular to a security detection method and a system for a Kubernetes cloud native application, and belongs to the technical field of cloud computing. Background technique [0002] With the continuous development of cloud computing, containers and Kubernetes have become the cornerstone of cloud-native applications. Wherein, the cloud native application refers to a software application specially developed to run in a cloud computing environment. Compared with traditional software applications, the back-end computing, scalability and parallel processing of cloud-native applications all match the cloud architecture. Because cloud-generated applications all run on the cloud, cloud-native applications are composed of multiple cloud services, each of which is scalable, elastic, and composable. [0003] Kubernetes is becoming a powerful tool for Internet companies and traditional IT industries to cl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
Inventor 韦克璐王志雄赵凯麟
Owner 中国东盟信息港股份有限公司