Dynamic security detection method for Kubernetes cloud native application

A dynamic security technology for cloud-native applications, applied in the field of cloud-native security. It addresses problems such as Kubernetes security research lagging behind and the lack of a dynamic security detection solution for Kubernetes Chart applications, in order to reduce application risk and ensure system security.

Active Publication Date: 2019-09-24
中国东盟信息港股份有限公司

AI Technical Summary

Problems solved by technology

[0004] However, as an emerging technology, security research on containers and Kubernetes lags behind, and Kubernetes cloud platforms face more and more attacks and threats. At present there is still no dynamic security detection solution for Kubernetes Chart applications; detection depends entirely on manual inspection by operation and maintenance personnel, based on experience.


Examples


Embodiment Construction

[0034] The specific implementation of the invention will be further described below in conjunction with the accompanying drawings.

[0035] As shown in Figure 1, a dynamic security detection method for Kubernetes cloud-native applications includes the following steps:

[0036] Step S1, initialize the system configuration, and establish a Helm client and a Kubernetes client according to the configuration to connect to the target Helm server and Kubernetes; if the connection fails, exit.

[0037] Step S2, load the plug-in library and connect to the database; if loading or connecting fails, display an error message and exit.

[0038] Step S3, monitor CVE vulnerability information and update the vulnerability information in the local database; connect to Kubernetes through the Kubernetes client, and record all the resources of the currently running Kubernetes.

[0039] Step S4, connect to the helm server through the helm client, scan the running Chart applicati...


Abstract

The invention discloses a dynamic security detection method for Kubernetes cloud-native applications, belonging to the technical field of cloud-native security. The method comprises the following steps: scanning the state of a running Chart application; identifying the running resource types, the image types and the resource usage of the Chart application; monitoring, analyzing and auditing the behavior of the Chart application; and analyzing malicious images, resource depletion attacks, suspicious connections and other security problems. According to the method, dynamic security detection is performed on the various resource types of a Kubernetes Chart application, the operating condition of the Kubernetes Chart application is identified and determined, and different resources are scanned and monitored by loading different plug-ins, so that system security is ensured.
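The plug-in-per-resource scan that steps S1 to S3 and the abstract describe, sketched as an added example (not code from the patent): it runs offline over a constructed resource inventory instead of a live Helm server and cluster. The release label, the exposure rule, the image names and the advisory id are assumptions.

```python
from collections import defaultdict

# Constructed stand-in for the local vulnerability database of step S3 (placeholder ids).
VULN_DB = {"registry.example/web:1.0": ["ADVISORY-PLACEHOLDER-1"]}
RELEASE_LABEL = "app.kubernetes.io/instance"  # assumed release label
PLUGINS = defaultdict(list)  # resource kind -> registered checks

def plugin(kind):  # registers a check for one resource kind (the plug-in library)
    def register(fn):
        PLUGINS[kind].append(fn)
        return fn
    return register

@plugin("Deployment")
def check_containers(obj):
    pod = obj.get("spec", {}).get("template", {}).get("spec", {})
    for c in pod.get("containers", []):
        for vuln in VULN_DB.get(c.get("image", ""), []):
            yield "vulnerable-image", f"{c.get('name')}: {vuln}"
        if not c.get("resources", {}).get("limits"):  # resource-depletion risk
            yield "no-resource-limits", str(c.get("name"))

@plugin("Service")
def check_exposure(obj):
    # Assumed rule: externally reachable Service types are flagged for review.
    if obj.get("spec", {}).get("type") in ("NodePort", "LoadBalancer"):
        yield "external-exposure", obj["spec"]["type"]

def scan_release(resources, release):
    """Run the plug-ins matching each resource that belongs to one release."""
    findings = []
    for obj in resources:
        meta = obj.get("metadata", {})
        if meta.get("labels", {}).get(RELEASE_LABEL) != release:
            continue
        for check in PLUGINS.get(obj.get("kind"), []):
            findings += [(obj["kind"], meta.get("name"), *f) for f in check(obj)]
    return findings

def manifest(kind, name, release, spec):  # builds one constructed resource
    meta = {"name": name, "labels": {RELEASE_LABEL: release}}
    return {"kind": kind, "metadata": meta, "spec": spec}

INVENTORY = [  # constructed sample of recorded cluster resources
    manifest("Deployment", "web", "shop", {"template": {"spec": {"containers": [
        {"name": "web", "image": "registry.example/web:1.0"},
        {"name": "proxy", "image": "registry.example/proxy:2.3",
         "resources": {"limits": {"cpu": "100m", "memory": "64Mi"}}}]}}}),
    manifest("Service", "web", "shop", {"type": "NodePort"}),
    manifest("Service", "db", "other", {"type": "LoadBalancer"}),
]
if __name__ == "__main__": print(*scan_release(INVENTORY, "shop"), sep="\n")
```

Adding a check for another resource kind only requires one more `@plugin(...)` function; `scan_release` itself does not change.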

Description

Technical field

[0001] The invention relates to the technical field of cloud-native security, in particular to a dynamic security detection method for Kubernetes cloud-native applications.

Background technique

[0002] With the continuous development of cloud computing, containers and Kubernetes have become the cornerstone of cloud-native applications. Kubernetes is becoming a powerful tool for Internet companies and traditional IT industries to move to the cloud and simplify operation and maintenance. It has been deployed on a large scale in production environments and is being adopted by more and more companies.

[0003] The Chart application is a package of Kubernetes resources, managed by the Helm service, and the Chart application is used to install or uninstall applications in the Kubernetes cluster.

[0004] However, as an emerging technology, the security research related to containers and Kubernetes is relatively lagging behind, and the Kubernetes cloud platf...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): G06F21/56, G06F21/57, G06F8/61, G06F9/445, G06F9/455
CPC: G06F8/63, G06F9/44526, G06F9/45558, G06F21/566, G06F21/577, G06F2009/45587, G06F2221/034
Inventor: 韦克璐, 王志雄, 赵凯麟
Owner: 中国东盟信息港股份有限公司