Container software security detection system and method based on content difference

A software security and detection system technology, applied in the direction of computer security devices, instruments, platform integrity maintenance, etc., can solve the problems of difficult application of container software security detection, consumption of computing resources and time costs, and large consumption, so as to reduce Effects of storage space, efficiency improvement, and saving computing and storage resources

Active Publication Date: 2021-08-10
SHANGHAI JIAO TONG UNIV
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of the prior art mentioned above, the inventor believes that the general problem of this type of method is that it needs to consume a lot of resources (storage, bandwidth) to download a large number of images to the local test environment, and it needs to consume a lot of computing resources and time costs for performing detection
Therefore, it is difficult to apply to large-scale container software security detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Container software security detection system and method based on content difference
  • Container software security detection system and method based on content difference

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047]The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several changes and improvements without departing from the concept of the present invention. These all belong to the protection scope of the present invention.

[0048] The embodiment of the present invention discloses a container software security detection system and method based on content difference, such as figure 1 and figure 2 As shown, it includes identification and classification nodes, data acquisition nodes and security analysis nodes, and the three nodes exchange data through message channel distributed task scheduling technology to work together. The distributed task scheduling technology adopts the Gearman distributed task scheduling framework.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a container software security detection system and method based on content difference, and the system comprises a recognition and classification node, a data acquisition node and a security analysis node which cooperate with each other through data exchange. The recognition and classification node is used for completing interaction with a user, recognizing basic mirror images of all input to-be-detected mirror images, classifying the mirror images, sending a data acquisition task and the like; the data acquisition node downloads a corresponding container mirror image according to the issued data acquisition task, and extracts corresponding container mirror image layer data from the downloaded container mirror image; and the security analysis node is used for identifying non-basic mirror image layer data according to the extracted container mirror image layer data and carrying out security analysis on the non-basic mirror image layer data. The detection effectiveness is ensured, the mirror image does not need to be actually operated, calculation and storage resources are greatly saved, and full-quantity safety detection of massive mirror images in a public warehouse can be realized in a short time through limited resources.

Description

technical field [0001] The present invention relates to the technical field of container software security detection, in particular to a container software security detection system and method based on content difference. Background technique [0002] The application of container software based on virtualization technology is becoming more and more common. The container form mainly represented by Docker carries various enterprise-level virtualization applications that are common in cloud centers. Among them, Docker Hub is its official storage warehouse, including various users in the community. There are 18 million application mirrors, and users need to download such mirrors from the warehouse as long as they use deployment-related applications. The vulnerability of such container images has become the focus of attack and defense. In particular, inadequate security configurations expose serious security vulnerabilities such as privacy leaks and unauthorized access, and there...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
CPCG06F21/562G06F21/572G06F2221/033
Inventor 陈力波夏懿航赵瑞杰王轶骏薛质姜开达
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap