Design and implementation of vulnerability verification framework based on Docker
Vulnerability is an important object in the research of information security, but there are many kinds of vulnerabilities at present, and the verification is complex. In view of the difficulties of building security vulnerabilities and the difficulties of vulnerabilities reappearing, a framework sys...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
National Computer System Engineering Research Institute of China
2018-11-01
|
| Series: | Dianzi Jishu Yingyong |
| Subjects: | |
| Online Access: | http://www.chinaaet.com/article/3000094104 |
| _version_ | 1819102229314928640 |
|---|---|
| author | Chen Yiming Kou Xiaoqiang Wang Yongli |
| author_facet | Chen Yiming Kou Xiaoqiang Wang Yongli |
| author_sort | Chen Yiming |
| collection | DOAJ |
| description | Vulnerability is an important object in the research of information security, but there are many kinds of vulnerabilities at present, and the verification is complex. In view of the difficulties of building security vulnerabilities and the difficulties of vulnerabilities reappearing, a framework system is designed to deploy vulnerabilities in containers based on Docker virtualization technology, and the corresponding verification script is used to implement the framework system. The framework system verification process needs to provide Dockerfile file or Docker mirrors, as well as matching vulnerability verification scripts. Firstly, the system runs a Docker container with a vulnerability program. The framework then calls the verification or attack scripts that match the vulnerability to verify the availability. After testing, the system can greatly improve the speed of the vulnerabilities recovery, and reduce the difficulty and the technical threshold for the reappearing of the vulnerabilities. |
| first_indexed | 2024-12-22T01:31:14Z |
| format | Article |
| id | doaj.art-436eb081bef1487e81a8e7f942d47ace |
| institution | Directory Open Access Journal |
| issn | 0258-7998 |
| language | zho |
| last_indexed | 2024-12-22T01:31:14Z |
| publishDate | 2018-11-01 |
| publisher | National Computer System Engineering Research Institute of China |
| record_format | Article |
| series | Dianzi Jishu Yingyong |
| spelling | doaj.art-436eb081bef1487e81a8e7f942d47ace2022-12-21T18:43:29ZzhoNational Computer System Engineering Research Institute of ChinaDianzi Jishu Yingyong0258-79982018-11-0144119910110.16157/j.issn.0258-7998.1807533000094104Design and implementation of vulnerability verification framework based on DockerChen Yiming0Kou Xiaoqiang1Wang Yongli2National Computer System Engineering Reasearch Institute of China,Beijing 100083,ChinaNational Computer System Engineering Reasearch Institute of China,Beijing 100083,ChinaNational Computer System Engineering Reasearch Institute of China,Beijing 100083,ChinaVulnerability is an important object in the research of information security, but there are many kinds of vulnerabilities at present, and the verification is complex. In view of the difficulties of building security vulnerabilities and the difficulties of vulnerabilities reappearing, a framework system is designed to deploy vulnerabilities in containers based on Docker virtualization technology, and the corresponding verification script is used to implement the framework system. The framework system verification process needs to provide Dockerfile file or Docker mirrors, as well as matching vulnerability verification scripts. Firstly, the system runs a Docker container with a vulnerability program. The framework then calls the verification or attack scripts that match the vulnerability to verify the availability. After testing, the system can greatly improve the speed of the vulnerabilities recovery, and reduce the difficulty and the technical threshold for the reappearing of the vulnerabilities.http://www.chinaaet.com/article/3000094104information securityvulnerability verificationDockervirtualization |
| spellingShingle | Chen Yiming Kou Xiaoqiang Wang Yongli Design and implementation of vulnerability verification framework based on Docker Dianzi Jishu Yingyong information security vulnerability verification Docker virtualization |
| title | Design and implementation of vulnerability verification framework based on Docker |
| title_full | Design and implementation of vulnerability verification framework based on Docker |
| title_fullStr | Design and implementation of vulnerability verification framework based on Docker |
| title_full_unstemmed | Design and implementation of vulnerability verification framework based on Docker |
| title_short | Design and implementation of vulnerability verification framework based on Docker |
| title_sort | design and implementation of vulnerability verification framework based on docker |
| topic | information security vulnerability verification Docker virtualization |
| url | http://www.chinaaet.com/article/3000094104 |
| work_keys_str_mv | AT chenyiming designandimplementationofvulnerabilityverificationframeworkbasedondocker AT kouxiaoqiang designandimplementationofvulnerabilityverificationframeworkbasedondocker AT wangyongli designandimplementationofvulnerabilityverificationframeworkbasedondocker |