categorizing container escape methodologies in multi
play

Categorizing container escape methodologies in multi-tenant - PowerPoint PPT Presentation

Jun 20, 2023 •584 likes •774 views

Categorizing container escape methodologies in multi-tenant environments Rik Janssen rik.janssen@os3.nl Research Project 1 MSc Security and Network Engineering (SNE/OS3) University of Amsterdam Supervisor: Max Hovens KPMG Cyber Security

  1. Categorizing container escape methodologies in multi-tenant environments Rik Janssen rik.janssen@os3.nl Research Project 1 MSc Security and Network Engineering (SNE/OS3) University of Amsterdam Supervisor: Max Hovens KPMG Cyber Security Netherlands February 6, 2018 Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 1 / 17

  2. Introduction Operating-system-level virtualization Docker, LXC, FreeBSD Jails, etc. Container escapes Host system takeover Data leakage Multi-tenant environments Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 2 / 17

  3. Introduction Research Question How to systematically categorize vulnerabilities relating to multi-tenant environments that make use of operating-system-level virtualization? Figure 1: Public cloud Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 3 / 17

  4. Related Work Comparative study [1] of OS-level virtualization systems: defines attacker model; defines security requirements for isolation techniques; LXC, FreeBSD Jails, Solaris Zones, etc., but not Docker. Later study [2] extends on previous study: Linux only (Docker); evaluates and extends security requirements; correlates CVEs to requirements. Both focus on single container host. Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 4 / 17

  5. Approach Literature study Linux and Kubernetes Breakdown of components Mapping CVEs Extending requirements Affected workloads Mitigation techniques Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 5 / 17

  6. Results - Architecture overview Figure 2: Cloud Native Computing Foundation (CNCF) Scope [3] Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 6 / 17

  7. Results - Architecture overview Figure 3: Kubernetes [4] Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 7 / 17

  8. Results - Security model Hardened application User namespace w/o caps Mount protections Minimal container distro Syscall Filtering w/ seccomp-bpf Linux kernel with grsecurity+pax HYPERVISOR/HARDWARE Figure 4: NCC Group’s security model [5] Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 8 / 17

  9. Results - Attack surface via linking Figure 5: Static linking Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 9 / 17

  10. Discussion - Attack surface via linking Figure 6: Dynamic linking Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 10 / 17

  11. Discussion - CVEs Etcd Distributed key-value store Single source of configuration truth Authorization Modules (e.g. ’ABAC’) One CVE found (CVE-2015-5305) OpenShift Red Hat Integrated platform (Atomic OS + Docker + Kubernetes) Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 11 / 17

  12. Results - CVE-2017-5754: ’Meltdown’ Side-channel attack [6] utilizing out-of-order execution and CPU cache timings to read all physical memory. Hardware-level vulnerability Possible from any user space process Containers specifically mentioned in regards to information leakage Intel covered in paper Mitigate using kernel page-table isolation patches Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 12 / 17

  13. Conclusion Research question How to systematically categorize vulnerabilities relating to multi-tenant environments that make use of operating-system-level virtualization? Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 13 / 17

  14. Conclusion Research question How to systematically categorize vulnerabilities relating to multi-tenant environments that make use of operating-system-level virtualization? Answer (preliminary) Application architecture is critical due to tight coupling with the underlying infrastructure. Security boundary is moved to the infrastructure (i.e. hardware) level. Utilize integrated approach (i.e. don’t use upstream). Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 14 / 17

  15. Future work Compliance correlation (e.g. ISO, HIPAA, NEN) Other OS-level virtualization platforms (e.g. Windows, *BSD, Nomad, Mesos, etc.) Other virtualization techniques (e.g. full and/or para) Automated workload classification and orchestration Istio platform (alpha) Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 15 / 17

  16. References I [1] E. Reshetova, J. Karhunen, T. Nyman, and N. Asokan, “Security of os-level virtualization technologies,” in Nordic Conference on Secure IT Systems , pp. 77–93, Springer, 2014. [2] S. Laur´ en, M. R. Memarian, M. Conti, and V. Lepp¨ anen, “Analysis of security in modern container platforms,” in Research Advances in Cloud Computing , pp. 351–369, Springer, 2017. [3] The Linux Foundation, “Cloud Native Computing Foundation (CNCF) Charter,” 2017. [Online]. Available: https://www.cncf.io/about/charter . [Accessed: Jan. 15, 2018]. [4] I. Gunaratne, “A Reference Architecture for Deploying WSO2 Middleware on Kubernetes,” Jan. 2017. [Online]. Available: https://medium.com/containermind/ a-reference-architecture-for-deploying-wso2-middleware-on-kubernetes- [Accessed: Jan. 17, 2018]. Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 16 / 17

  17. References II [5] A. Grattafiori, “Def con 23 - aaron grattafiori - linux containers: Future or fantasy? - 101 track.” Youtube. 2015. Available: https://www.youtube.com/watch?v=iN6QbszB1R8 [Accessed: Jan. 3, 2018]. [6] M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, S. Mangard, P. Kocher, D. Genkin, Y. Yarom, and M. Hamburg, “Meltdown.” arXiv:1801.01207, Jan. 2018. Rik Janssen (SNE/OS3) Multi-tenant container escapes February 6, 2018 17 / 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Decision aid methodologies in transportation Lecture 6 (part-2): Container terminal management

Decision aid methodologies in transportation Lecture 6 (part-2): Container terminal management

Decision aid methodologies in transportation Lecture 6 (part-2): Container terminal management Ilaria Vacca ilaria.vacca@epfl.ch Transport and Mobility Laboratory Outline Introduction to maritime transport Overview container terminals

491 views • 37 slides
Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way

Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way

Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way ContainerCon North America 2016 Charlie Drage Container Tools / Project Atomic @ Red Hat cdrage @ http://projectatomic.io Wait, whats Project

304 views • 28 slides
Ma Matthe hew w 2: 2:13 13-23 23 1. The Escape to Egypt 1. The Escape to Egypt an angel

Ma Matthe hew w 2: 2:13 13-23 23 1. The Escape to Egypt 1. The Escape to Egypt an angel

Ma Matthe hew w 2: 2:13 13-23 23 1. The Escape to Egypt 1. The Escape to Egypt an angel of the Lord appeared to Joseph in a dream. Get up, The hard situation he said, take the child and his mother and escape to Egypt.

330 views • 22 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
Benefits of Eclipse Che When Developing Multi-Container Apps How to use existing production k8s

Benefits of Eclipse Che When Developing Multi-Container Apps How to use existing production k8s

Benefits of Eclipse Che When Developing Multi-Container Apps How to use existing production k8s environment in enterprise development Eugene Ivantsov Senior Software Maintenance Engineer Red Hat AGENDA: This presentation covers:

501 views • 14 slides
Decison-Aid Methodologies in Transportation Optimization Exercise 6 Tom Robenek May 21, 2013

Decison-Aid Methodologies in Transportation Optimization Exercise 6 Tom Robenek May 21, 2013

Decison-Aid Methodologies in Transportation Optimization Exercise 6 Tom Robenek May 21, 2013 1 / 6 Quay Crane Scheduling Problem Figure : source: http://prodlog.wiwi.uni-halle.de/forschung/container/?lang=en 2 / 6 How it looks like

79 views • 6 slides
Lecture 6--Hydrogen escape, Part 2 Diffusion-limited escape/ The atmospheric hydrogen budget/

Lecture 6--Hydrogen escape, Part 2 Diffusion-limited escape/ The atmospheric hydrogen budget/

41st Saas-Fee Course From Planets to Life 3-9 April 2011 Lecture 6--Hydrogen escape, Part 2 Diffusion-limited escape/ The atmospheric hydrogen budget/ Hydrodynamic escape J. F. Kasting Diffusion-limited escape On Earth, hydrogen

554 views • 23 slides
Composition and Deployment of Complex Container-Based Application Architectures on Multi-Clouds

Composition and Deployment of Complex Container-Based Application Architectures on Multi-Clouds

Composition and Deployment of Complex Container-Based Application Architectures on Multi-Clouds DI4R Lisbon, Portugal Andy S. Alic 1 , Marica Antonacci 2 , Ignacio Blanquer 1 , Miguel October 2018 Caballer 1 , Giacinto Donvito 2 , lvaro

297 views • 12 slides
Decision Aid Methodologies In Transportation Lecture 2: Linear Programming, Duality Virginie

Decision Aid Methodologies In Transportation Lecture 2: Linear Programming, Duality Virginie

CIVIL-557 Decision Aid Methodologies In Transportation Lecture 2: Linear Programming, Duality Virginie Lurkin, Nikola Obrenovi Transport and Mobility Laboratory TRANSP-OR cole Polytechnique Fdrale de Lausanne EPFL Container Storage

658 views • 61 slides
CLUSTERING AND CATEGORIZING A n a l y z i n g Q u a l i t a t i ve D a t a CODE DEVELOPMENT

CLUSTERING AND CATEGORIZING A n a l y z i n g Q u a l i t a t i ve D a t a CODE DEVELOPMENT

Sren Knudsen CLUSTERING AND CATEGORIZING A n a l y z i n g Q u a l i t a t i ve D a t a CODE DEVELOPMENT CODING SORTING SYTHESIZING THEORIZING Codes Categories Themes Theory Specific Abstract / General - adapted from

506 views • 24 slides
CLUSTERING AND CATEGORIZING A n a l y z i n g Q u a l i t a t i ve D a t a CODE DEVELOPMENT

CLUSTERING AND CATEGORIZING A n a l y z i n g Q u a l i t a t i ve D a t a CODE DEVELOPMENT

Sren Knudsen CLUSTERING AND CATEGORIZING A n a l y z i n g Q u a l i t a t i ve D a t a CODE DEVELOPMENT CODING SORTING SYTHESIZING THEORIZING Codes Categories Themes Theory Specific Abstract / General - adapted from

364 views • 25 slides
Natural Language Processing with Python CS372: Spring, 20 15 Lecture 12 Categorizing and

Natural Language Processing with Python CS372: Spring, 20 15 Lecture 12 Categorizing and

Natural Language Processing with Python CS372: Spring, 20 15 Lecture 12 Categorizing and Tagging Words Jong C. Park Department of Computer Science Korea Advanced Institute of Science and Technology CATEGORIZING AND TAGGING WORDS Using a

688 views • 34 slides
Deploying Multi-Container Applications with Ansible Broker Eric Dub, Senior Principal Product

Deploying Multi-Container Applications with Ansible Broker Eric Dub, Senior Principal Product

11.7.2017 Deploying Multi-Container Applications with Ansible Broker Eric Dub, Senior Principal Product Manager, Red Hat Todd Sanders, Director Software Engineering, Red Hat Agenda Service Catalog and Brokers Live Demonstration Open

515 views • 40 slides
Lecture 5: Hydrogen Escape, Part 1 Prebiotic O 2 levels/ Kinetic theory of gases/ Jeans

Lecture 5: Hydrogen Escape, Part 1 Prebiotic O 2 levels/ Kinetic theory of gases/ Jeans

41st Saas-Fee Course From Planets to Life 3-9 April 2011 Lecture 5: Hydrogen Escape, Part 1 Prebiotic O 2 levels/ Kinetic theory of gases/ Jeans escape/ Nonthermal escape J. F. Kasting Why do we care about hydrogen escape? Most H

752 views • 31 slides
Development Methodologies Development Methodologies A methodology is a system of methods and

Development Methodologies Development Methodologies A methodology is a system of methods and

Development Methodologies Development Methodologies A methodology is a system of methods and principles used in a particular school of software design. There is a wide variety of published methodologies, and Dr. James A. Bednar an even

245 views • 11 slides
B-Escape: A Simultaneous Escape Routing Algorithm Based on Boundary Routing Lijuan Luo 1 , Tan Yan

B-Escape: A Simultaneous Escape Routing Algorithm Based on Boundary Routing Lijuan Luo 1 , Tan Yan

B-Escape: A Simultaneous Escape Routing Algorithm Based on Boundary Routing Lijuan Luo 1 , Tan Yan 1 , Qiang Ma 1 Martin Wong 1 , Toshiyuki Shibuya 2 1 ECE Department, University of Illinois, Urbana-Champaign . 2 Fujitsu Laboratories of America,

591 views • 28 slides
Design, Implementation and Operation of NetBSD Base System Packaging Yuuki Enomoto Kenichi

Design, Implementation and Operation of NetBSD Base System Packaging Yuuki Enomoto Kenichi

Design, Implementation and Operation of NetBSD Base System Packaging Yuuki Enomoto Kenichi Fukamachi Abstract tarball (which extension is known as .tgz) is one of typical large archive formats. BSD UNIX dis- It is

384 views • 11 slides
St. Louis Regional Freight District Mary Lamie, Executive Director Freight Working Group

St. Louis Regional Freight District Mary Lamie, Executive Director Freight Working Group

St. Louis Regional Freight District Mary Lamie, Executive Director Freight Working Group PARTNERS FROM ILLINOIS & MISSOURI Tim Cantwell Ellen Krohne St. Clair County/MidAmerica Airport Leadership Council Southwestern Illinois Louis

505 views • 18 slides
TrueOS: A rolling FreeBSD with OpenRC Presented by Joe Maloney Lead Systems Architect @ TrueOS

TrueOS: A rolling FreeBSD with OpenRC Presented by Joe Maloney Lead Systems Architect @ TrueOS

TrueOS: A rolling FreeBSD with OpenRC Presented by Joe Maloney Lead Systems Architect @ TrueOS project QA Supervisor @ iXSystems What motivated me to work on TrueOS? My interest in running FreeBSD on the desktop grew from my enjoyment of

708 views • 33 slides
Furthering Momentum for Market Leadership Altium Half Year Investor Presentation 17-18 February

Furthering Momentum for Market Leadership Altium Half Year Investor Presentation 17-18 February

Delivering Strong Performance & Furthering Momentum for Market Leadership Altium Half Year Investor Presentation 17-18 February 2016 (Sydney) Aram Mirkazemi - CEO 22 February 2016 (Melbourne) Martin Ive - VP Finance Kim Besharati - VP

583 views • 43 slides
phil rose Division of Humanities, Hong Kong University of Science & Technology School of

phil rose Division of Humanities, Hong Kong University of Science & Technology School of

TAL 2012 (Prosody in the Real World) Tonal Aspects across Tone and Non-Tone Languages Invited Talk Two sides of the same coin: between-speaker F0 differences in linguistic-tonetic description and forensic voice comparison. phil rose

875 views • 39 slides
2017-2018 Budg 8 Budget Publi lic H Heari ring a and Bu Budget A Adopti ption Board M

2017-2018 Budg 8 Budget Publi lic H Heari ring a and Bu Budget A Adopti ption Board M

2017-2018 Budg 8 Budget Publi lic H Heari ring a and Bu Budget A Adopti ption Board M Meet eeting A Augu gust st 8, 2017 Acknowledgem ement Thanks to Superintendent Seigel and the Strategic Budget Committee (Senior

654 views • 24 slides
Enterprise End User Summit 2012 LTTng 2.0 : Kernel and Application tracing for the Enterprise.

Enterprise End User Summit 2012 LTTng 2.0 : Kernel and Application tracing for the Enterprise.

Enterprise End User Summit 2012 LTTng 2.0 : Kernel and Application tracing for the Enterprise. E-mail: mathieu.desnoyers@efficios.com Mathieu Desnoyers April 30th, 2012 1 > Presenter Mathieu Desnoyers EfficiOS Inc.

412 views • 38 slides
A Simulation of Global Atmosphere Model NICAM on TSUBAME 2.5 Using OpenACC Hisashi YASHIRO

A Simulation of Global Atmosphere Model NICAM on TSUBAME 2.5 Using OpenACC Hisashi YASHIRO

A Simulation of Global Atmosphere Model NICAM on TSUBAME 2.5 Using OpenACC Hisashi YASHIRO RIKEN Advanced Institute of Computational Science Kobe, Japan GTC2015, San Jose, Mar. 17-20, 2015 My topic The study for Cloud computing

602 views • 21 slides

More recommend