Results 61 to 70 of about 605 (159)
Exploring Security Enhancements in Kubernetes CNI: A Deep Dive Into Network Policies
IEEE AccessWith the explosive growth of Kubernetes adoption, Container Network Interfaces (CNIs) have become critical components for configuring and securing container networks, but a comprehensive analysis of their security capabilities and performance impact is ...
Bom Kim, Jinwoo Kim, Seungsoo Lee
doaj +1 more source
KubeRosy: A Dynamic System Call Filtering Framework for Containers
IEEE AccessWith the rapid adoption of cloud environments, container technology has become crucial for the efficient operation of large-scale applications. Although container technology offers high efficiency and scalability through low-level isolation via shared ...
Jin Her +3 more
doaj +1 more source
On the implications of unsafe eBPF composition
In the era of Linux being omnipresent, the demand for dynamically extending kernel capabil- ities without requiring changes to kernel source code or loading kernel modules at runtime is increasing. This is driven by numerous use cases such as observability, security, and network- ing, which can be efficiently addressed at the system level, underscoring
Somaraju, Sai Roop
openaire +2 more sources
ESX: A Self-Generated Control Policy for Remote Access With SSH Based on eBPF
IEEE AccessCloud systems that provide remote data and computational access through networks face significant security challenges. Secure Shell (SSH) is one of the most popular methods for remote access, but the leakage of login information presents a substantial ...
Yuan Zhong, Pengfei Chen, Huxing Zhang
doaj +1 more source
Optimus: association-based dynamic system call filtering for container attack surface reduction
Journal of Cloud Computing: Advances, Systems and ApplicationsWhile container adoption has witnessed significant growth in facilitating the operation of large-scale applications, this increased attention has also attracted adversaries who exploit numerous vulnerabilities present in contemporary containers ...
Seungyong Yang +2 more
doaj +1 more source
IEEE AccessWith the evolution of cloud-native microservice architectures traditional sidecar-based monitoring patterns and fragmented security tools have introduced significant resource overhead and management complexity. Current research indicates that the sidecar
Heng Ran, Chuanping Hu, Yan Zhuang
doaj +1 more source
Aquila: Efficient In-Kernel System Call Telemetry for Cloud-Native Environments
SensorsSystem call telemetry is essential for understanding runtime behavior in cloud-native infrastructures, but existing eBPF-based monitors suffer from high per-event overhead, unreliable delivery under load, and limited context for correlating multi-step ...
Juyong Shin, Jisu Kim, Jaehyun Nam
doaj +1 more source
Cost-Effective Sub-THz Signal Generation and Transmission Using a Directly Modulated Laser
IEEE Photonics JournalThis paper presents a comprehensive experimental analysis of a cost-effective and spectrally efficient approach for sub-terahertz (sub-THz) signal generation and transmission, consisting of a directly modulated laser (DML) combined with carrier ...
M. Botella-Campos +4 more
doaj +1 more source
Studi Literatur dan Analisis tentang Malware berbasis eBPF [PDF]
Penelitian ini bertujuan untuk melakukan studi literatur mengenai malware berbasis eBPF (eBPF-based malware), dengan fokus memberikan tinjauan singkat tentang malware berbasis eBPF yang ada saat ini.
Melvindo Goszal, Christopher Gerald
core
In recent years, cloud-native technologies have rapidly penetrated containerized environments. Their lightweight, flexible, and portable features have made them highly popular among developers.
Li, Xiaotang +5 more
core +1 more source