Citation
Rosli, Liana Ameerah and Ho, Sin Ban and Fong, Jun Yu (2025) Engineering meaningful container security: Docker image scanning model. In: 4th International Conference on Computer, Information Technology and Intelligent Computing, CITIC 2024, 23 July 2024 - 25 July 2024, Virtual, Online.
Abstract
Container images are becoming increasingly popular in the computing industry, as more organizations adopt container images to run their applications. However, ensuring container security is vital due to the various threats encountered throughout their lifecycle. Therefore, this research aims to evaluate paradigms used for the container image scanning model. This paper compares their effectiveness and efficiency using metrics such as Detection Hit Ratio (DHR) and Total Scan Time (TST). Additionally, we integrate container image scanning into Continuous Integration/Continuous Deployment (CI/CD) pipelines and assess the importance of image signing in maintaining container image security. This research assesses scanning paradigms like Clair and Trivy to identify vulnerabilities in container images. This includes the use of cryptographic signing to verify the images' integrity and authenticity. Through a literature review of existing studies on container security and vulnerability detection paradigms, this study aims to provide meaningful insights into the container security, vulnerability scanning, and cryptographic signing model. With this, one would have robust security measures, which evaluate scanning models, compare their effectiveness, integrate them into CI/CD pipelines, and assess the role of image signing. This paper provides cryptographic signing insights into container security and vulnerability scanning.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Uncontrolled Keywords: | Engineers, Industry, Review |
| Subjects: | Q Science > QA Mathematics > QA71-90 Instruments and machines > QA75.5-76.95 Electronic computers. Computer science |
| Divisions: | Faculty of Computing and Informatics (FCI) |
| Depositing User: | Nor Afiqah Mohd Adnan |
| Date Deposited: | 10 Dec 2025 02:15 |
| Last Modified: | 13 Dec 2025 03:11 |
| URI: | http://shdl.mmu.edu.my/id/eprint/15007 |
