1 |
CVSS v2 Calculator, https://nvd.nist.gov/vulnmetrics/cvss/v2-calculator
|
2 |
T.J. McCabe. "A Complexity Measure". In: Software Engineering, IEEE Transactions on SE-2.4 (1976), pages 308-320. ISSN: 0098-5589. DOI: 10.1109/TSE.1976.233837
DOI
|
3 |
Objdump man page, https://linux.die.net/man/1/objdump
|
4 |
LTP Project, https://github.com/linux-test-project/ltp
|
5 |
Ftrace man page, https://linux.die.net/man/1/ftrace
|
6 |
Docker Seccomp Profile, https://docs.docker.com/engine/security/seccomp/
|
7 |
GVisor Seccomp Rule, https://github.com/google/gvisor/blob/master/runsc/boot/filter/config.go
|
8 |
A. Randazzo, I. Tinnirello, Kata Containers: An Emerging Architecture for Enabling MEC Services in Fast and Secure Way, In Proceedings of the 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS 2019), pp. 209-214, Granada, Spain, October 2019, DOI: 10.1109/IOTSMS48152.2019.8939164
|
9 |
Z. Jian, L. Chen, A Defense Method against Docker Escape Attack, In Proceedings of the 2017 International Conference on Cryptography, Security and Privacy (ICCSP'17), pp.142-146, Wuhan, China, March 2017. DOI: 10.1145/3058060
|
10 |
S. Sultan, I. Ahmad, and T. Dimitriou, "Container Security: Issues, Challenges, and the Road Ahead," IEEE Access, Vol. 7, pp. 52976-52996, April, 2019, DOI: 10.1109/ACCESS.2019.2911732
DOI
|
11 |
GVisor, https://gvisor.dev
|
12 |
Kata container, https://katacontainers.io
|
13 |
Nabla container, https://nabla-containers.github.io/
|
14 |
Ethan G. Young, et al., The True Cost of Containing: A gVisor Case Study., In Proceedings of the 11th USENIX Conference on Hot Topics in Cloud Computing(HotCloud'19), p. 16, Renton WA, USA, July 2019. 10.5555/3357034.3357054
|
15 |
D. Williams, R. Koller, M. Lucina, and N. Prakash. Unikernels As Processes. In Proceedings of the ACM Symposium on Cloud Computing, SoCC '18, pp. 199-211, New York, NY, USA, October 2018. 10.1145/3267809.3267845
|
16 |
Anjali, Tyler Caraza-Harter, Michael M.Swift., Blending containers and virtual machines: a study of firecracker and gVisor., Proceedings of the 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE'20), pp. 101-113, Lausanne, Switzerland, March 2020. 10.1145/3381052.3381315
|
17 |
Measuring the Horizontal Attack Profile of Nabla Containers, https://blog.hansenpartnership.com/measur ing-the-horizontal-attack-profile-of-nabla-containers/
|
18 |
CVE, https://cve.mitre.org/
|
19 |
A. Kurmus, R. Tartler, D. Dorneanu, B. Heinloth, V. Rothberg, A. Ruprecht, W. Schroder-Preikschat, D. Lohmann, and R. Kapitza, Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring, in Proceedings of the 20th Network and Distributed System Security Symposium(NDSS'13), San Diego, CA, Feburary 2013.
|
20 |
Y. Li, B. Dolan-Gavitt, S. Weber, and J. Cappos, Lock-in-Pop: Securing Privileged Operating System Kernels by Keeping on the Beaten Path. In Proceedings of In Annual Technical Conference USENIX ATC'17, pp. 1-13, SANTA CLARA, CA, July 2017. 10.5555/3154690.3154692
|
21 |
D. Williams, R. Koller, and B. Lum. Say goodbye to virtualization for a safer cloud. In Proc. of USENIX HotCloud, p. 20, Boston, MA, July 2018. 10.5555/3277180.3277200
|
22 |
A. Agache, M. Brooker, A. Iordache, A. Liguori, R. Neugebauer, P. Piwonka, and D.-M. Popa. Firecracker: Lightweight virtualization for serverless applications, In 17th USENIX Symposium on Networked Systems Design and Implementation (NSDI 20), pp.419-434, Santa Clara, USA, Feburary 2020.
|
23 |
ExploitDB, https://www.exploit-db.com/
|