Journal of Information Security Reserach ›› 2023, Vol. 9 ›› Issue (10): 947-.

Previous Articles     Next Articles

Research on Memory Webshell Detection in Docker Container Based on RASP Technology


  • Online:2023-10-17 Published:2023-10-28



  1. (安芯网盾(北京)科技有限公司北京100085)
  • 通讯作者: 杨芳 硕士.主要研究方向为信息安全、应急管理.
  • 作者简介:姚纪卫 主要研究方向为内核安全、内存安全、信息安全. 王伟 硕士.主要研究方向为信息安全、应用安全. 杨芳 硕士.主要研究方向为信息安全、应急管理.

Abstract: Containers have become a vital infrastructure supporting cloud computing application execution, making container security increasingly crucial. The frequent occurrence of container security incidents has propelled the urgent need for research in container security protection. Unlike traditional host security measures that emphasize boundary defense, container security places greater emphasis on runtime and overall security protection. From an offensive and defensive standpoint, this paper proposes a detection study targeting the highrisk attack method of memory Webshell attacks in container environments.

Key words: runtime application self protection, memory protection, attack chain detection and response, memory Webshell detection, container security

摘要: 容器成为支撑云计算应用运行的重要载体,容器安全变得越来越重要.频繁爆出的容器安全事件让容器安全防护的研究刻不容缓,与传统的网络安全防护重视边界防护不同的是,容器安全更重视运行时和整体的安全防护.从攻防的视角出发,提出了一种针对容器环境下比较高危的攻击手段内存Webshell攻击的检测研究方法.

关键词: 运行时程序自保护, 内存保护, 攻击链检测与响应, 内存Webshell检测, 容器安全

CLC Number: