Intelligent Docker container malicious file detection method and device

A docker container and malicious file technology, applied in the computer field, can solve the problems of image loopholes, risks, sensitive information of legacy database passwords, etc.

Inactive Publication Date: 2019-09-06
SICHUAN UNIV +1
View PDF8 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For mirrors, the main security issues are: when developers build mirrors, they tend to leave behind some sensitive information such as database passwords; whether it is from official mirrors or community mirrors, there are many loopholes in the mirror itself that may cause risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent Docker container malicious file detection method and device
  • Intelligent Docker container malicious file detection method and device
  • Intelligent Docker container malicious file detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The following will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of this application.

[0046] refer to figure 1 , figure 1 It is a flow chart of an intelligent Docker container malicious file detection method proposed by an embodiment of the present application, and the method is applied to a server. Such as figure 1As shown, the method includes the following steps:

[0047] S11: Obtain multiple files in the original image of the target Docker container, where the target Docker container is a Docker container to be detected.

[0048] In this embodiment, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of computers, and provides an intelligent Docker container malicious file detection method and device. The method is applied to a server and comprises: acquiring a plurality of files in an original mirror image of a target Docker container, wherein the target Docker container is a to-be-detected Docker container; for each file in the plurality of files,detecting the file by using a malicious file feature code based on a yara rule so as to judge whether the file is a malicious file or not, and obtaining a first detection result; for each file in theplurality of files, detecting the file by using antivirus software to judge whether the file is a malicious file or not to obtain a second detection result; obtaining a plurality of webpage files inan original mirror image of the target Docker container; and for each webpage file in the plurality of webpage files, inputting the webpage file into a webpage classification model to detect whether the webpage is a Webshell webpage backdoor file or not, and obtaining a third detection result.

Description

technical field [0001] The present application relates to the field of computer technology, in particular to an intelligent method and device for detecting malicious files in Docker containers. Background technique [0002] Docker is a container engine that relies on the Linux kernel. It is released based on the Apache 2.0 open source license agreement, which can quickly realize the automatic deployment of applications based on containers. Docker is mainly composed of five parts: client, daemon, mirror, container and mirror warehouse, providing a simple and lightweight modeling method. Among them, on the one hand, the image is an object-oriented class, which is equivalent to a template; on the other hand, it is equivalent to a file system. In addition to providing the programs, libraries, resources, configuration and other files required for the container to run, it also contains some for Some configuration parameters prepared at runtime (such as anonymous volumes, environm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F9/455
CPCG06F9/45558G06F21/561G06F21/562
Inventor 黄诚谢逸黄德禄崔韩东
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap