Analyzing docker vulnerabilities through static and dynamic methods and enhancing IoT security with AWS IoT Core, CloudWatch, and GuardDuty
Article
Ajith, V., Cyriac, T., Chavda, C., Kiyani, A.T., Chennareddy, V. and Ali, K. 2024. Analyzing docker vulnerabilities through static and dynamic methods and enhancing IoT security with AWS IoT Core, CloudWatch, and GuardDuty. IoT. 5 (3), pp. 592-607. https://doi.org/10.3390/iot5030026
| Type | Article |
|---|---|
| Title | Analyzing docker vulnerabilities through static and dynamic methods and enhancing IoT security with AWS IoT Core, CloudWatch, and GuardDuty |
| Authors | Ajith, V., Cyriac, T., Chavda, C., Kiyani, A.T., Chennareddy, V. and Ali, K. |
| Abstract | In the age of fast digital transformation, Docker containers have become one of the central technologies for flexible and scalable application deployment. However, this has opened a new dimension of challenges in security, which are skyrocketing with increased technology adoption. This paper discerns these challenges through a manifold approach: first, comprehensive static analysis by Trivy, and second, real-time dynamic analysis by Falco in order to uncover vulnerabilities in Docker environments pre-deployment and during runtime. One can also find similar challenges in security within the Internet of Things (IoT) sector, due to the huge number of devices connected to WiFi networks, from simple data breaches such as brute force attacks and unauthorized access to large-scale cyber attacks against critical infrastructure, which represent only a portion of the problems. In connection with this, this paper is calling for the execution of robust AWS cloud security solutions: IoT Core, CloudWatch, and GuardDuty. IoT Core provides a secure channel of communication for IoT devices, and CloudWatch offers detailed monitoring and logging. Additional security is provided by GuardDuty’s automatized threat detection system, which continuously seeks out potential threats across network traffic. Armed with these technologies, we try to build a more resilient and privacy-oriented IoT while ensuring the security of our digital existence. The result is, therefore, an all-inclusive work on security in both Docker and IoT domains, which might be considered one of the most important efforts so far to strengthen the digital infrastructure against fast-evolving cyber threats, combining state-of-the-art methods of static and dynamic analyses for Docker security with advanced, cloud-based protection for IoT devices. |
| Keywords | Docker; container; mobile cloud; Ad hoc cloud; IoT; Falco; Trivy; GuardDuty; IoT Core; security; AWS cloud |
| Sustainable Development Goals | 9 Industry, innovation and infrastructure |
| Middlesex University Theme | Sustainability |
| Publisher | MDPI |
| Journal | IoT |
| ISSN | |
| Electronic | 2624-831X |
| Publication dates | |
| Online | 04 Sep 2024 |
| Sep 2024 | |
| Publication process dates | |
| Submitted | 14 Jun 2024 |
| Accepted | 20 Aug 2024 |
| Deposited | 15 Jan 2025 |
| Output status | Published |
| Publisher's version | License File Access Level Open |
| Copyright Statement | © 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| Digital Object Identifier (DOI) | https://doi.org/10.3390/iot5030026 |
| Web of Science identifier | WOS:001323493300001 |
| Language | English |
Permalink -
https://repository.mdx.ac.uk/item/19w75q
Download files
20
total views6
total downloads10
views this month2
downloads this month
Export as
Related outputs
Energy efficiency optimisation of joint computational task offloading and resource allocation using particle swarm optimisation approach in vehicular edge networks
Alam, A., Shah, P., Trestian, R., Ali, K. and Mapp, G. 2024. Energy efficiency optimisation of joint computational task offloading and resource allocation using particle swarm optimisation approach in vehicular edge networks. Sensors. 24 (10). https://doi.org/10.3390/s24103001Information fusion-based cybersecurity threat detection for intelligent transportation system
Chowdhury, A., Naha, R., Kaisar, S., Khoshkholghi, A., Ali, K. and Galletta, A. 2023. Information fusion-based cybersecurity threat detection for intelligent transportation system. CCGridW: 4th Workshop on Secure IoT, Edge and Cloud Systems (SioTEC) 2023. Bangalore, India 01 - 04 May 2023 Bangalore, India IEEE. pp. 96-103 https://doi.org/10.1109/CCGridW59191.2023.00029Analyzing land cover and land use changes using remote sensing techniques: a temporal analysis of climate change detection with Google Earth engine
Afzal, M., Ali, K., Kasi, M., Rehman, M., Khoshkholghi, A., Haq, B. and Shah, S. 2023. Analyzing land cover and land use changes using remote sensing techniques: a temporal analysis of climate change detection with Google Earth engine. IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications. Exeter, United Kingdom 01 - 03 Nov 2023 IEEE. pp. 2018-2023 https://doi.org/10.1109/TrustCom60117.2023.00277Joint energy and spectral optimization in Heterogeneous Vehicular Network
Alam, A., Ali, K., Trestian, R., Shah, P. and Mapp, G. 2023. Joint energy and spectral optimization in Heterogeneous Vehicular Network. Computer Networks. 238. https://doi.org/10.1016/j.comnet.2023.110111Efficient design for smart environment using Raspberry Pi with Blockchain and IoT (BRIoT)
Ponugumati, S., Ali, K., Lasebae, A., Zahoor, Z., Kiyani, A., Khoshkholghi, A. and Maddu, L. 2023. Efficient design for smart environment using Raspberry Pi with Blockchain and IoT (BRIoT). CCGridW: 4th Workshop on Secure IoT, Edge and Cloud Systems (SioTEC) 2023. Bangalore, India 01 - 04 May 2023 IEEE. pp. 75-80 https://doi.org/10.1109/CCGridW59191.2023.00026Challenges, applications and future of wireless sensors in Internet of Things: a review
Jamshed, M., Ali, K., Abbasi, Q., Imran, M. and Ur-Rehman, M. 2022. Challenges, applications and future of wireless sensors in Internet of Things: a review. IEEE Sensors Journal. https://doi.org/10.1109/JSEN.2022.3148128Adaptability of automated information systems by the development sector in developing countries: a case study
Ahmed, B., Haq, B., Ali, K. and Iqbal, M. 2021. Adaptability of automated information systems by the development sector in developing countries: a case study. International Conference on Computing, Electronic and Electrical Engineering (ICE Cube). Quetta, Pakistan 26 - 27 Oct 2021 IEEE. https://doi.org/10.1109/ICECube53880.2021.9628254Continuous user authentication featuring behavioural biometrics
Kiyani, A. 2021. Continuous user authentication featuring behavioural biometrics. PhD thesis Middlesex University Science and TechnologyRobust continuous user authentication system using long short term memory network for healthcare
Tanveer, A., Lasebae, A., Ali, K., Alkhayyat, A., Ur-Rehman, M., Haq, B. and Naeem, B. 2021. Robust continuous user authentication system using long short term memory network for healthcare. Ur-Rehman, M. and Zoha, A. (ed.) 16th EAI International Conference on Body Area Networks. Glasgow, UK (Online) 25 - 26 Oct 2021 Cham Springer. https://doi.org/10.1007/978-3-030-95593-9_22Review and implementation of resilient public safety networks: 5G, IoT and emerging technologies
Ali, K., Nguyen, H., Vien, Q., Shah, P., Raza, M., Paranthaman, V., Er-Rahmadi, B., Awais, M., Islam, S. and Rodrigues, J. 2021. Review and implementation of resilient public safety networks: 5G, IoT and emerging technologies. IEEE network. 35 (2), pp. 18-25. https://doi.org/10.1109/MNET.011.2000418Heuristic edge server placement in Industrial Internet of Things and cellular networks
Kasi, S., Kasi, M., Ali, K., Raza, M., Afzal, H., Lasebae, A., Naeem, B., Islam, S. and Rodrigues, J. 2021. Heuristic edge server placement in Industrial Internet of Things and cellular networks. IEEE Internet of Things Journal. 8 (13), pp. 10308-10317. https://doi.org/10.1109/JIOT.2020.3041805Continuous user authentication featuring keystroke dynamics based on robust recurrent confidence model and ensemble learning approach
Kiyani, A., Lasebae, A., Ali, K., Ur-Rehman, M. and Haq, B. 2020. Continuous user authentication featuring keystroke dynamics based on robust recurrent confidence model and ensemble learning approach. IEEE Access. 8, pp. 156177-156189. https://doi.org/10.1109/ACCESS.2020.3019467Deployment of drone-based small cells for public safety communication system
Ali, K., Nguyen, H., Vien, Q., Shah, P. and Raza, M. 2020. Deployment of drone-based small cells for public safety communication system. IEEE Systems Journal. 14 (2), pp. 2882-2891. https://doi.org/10.1109/JSYST.2019.2959668Architecture design for disaster resilient management network using D2D technology
Ali, K. 2019. Architecture design for disaster resilient management network using D2D technology. PhD thesis Middlesex University School of Science and Technology
TAEO-A thermal aware & energy optimized routing protocol for wireless body area networks
Javed, M., Ahmed, G., Mahmood, D., Raza, M., Ali, K. and Ur-Rehman, M. 2019. TAEO-A thermal aware & energy optimized routing protocol for wireless body area networks. Sensors. 19 (15), pp. 1-14. https://doi.org/10.3390/s19153275