Jeongeun Ryu¹, Riyeong Kim², Soomin Lee¹, Sumin Kim¹, Hyunwoo Choi^1,2, Seongmin Kim^1,2,*

CMC-Computers, Materials & Continua, Vol.86, No.3, 2026, DOI:10.32604/cmc.2025.074871 - 12 January 2026

Abstract As containerized environments become increasingly prevalent in cloud-native infrastructures, the need for effective monitoring and detection of malicious behaviors has become critical. Malicious containers pose significant risks by exploiting shared host resources, enabling privilege escalation, or launching large-scale attacks such as cryptomining and botnet activities. Therefore, developing accurate and efficient detection mechanisms is essential for ensuring the security and stability of containerized systems. To this end, we propose a hybrid detection framework that leverages the extended Berkeley Packet Filter (eBPF) to monitor container activities directly within the Linux kernel. The framework simultaneously collects flow-based network… More >

Absar Hussain¹, Abdul Aziz¹, Hassan Jamil Syed^2,*, Shoaib Raza¹

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 3105-3124, 2025, DOI:10.32604/cmc.2025.062628 - 03 July 2025

Abstract Kubernetes has become the dominant container orchestration platform, with widespread adoption across industries. However, its default pod-to-pod communication mechanism introduces security vulnerabilities, particularly IP spoofing attacks. Attackers can exploit this weakness to impersonate legitimate pods, enabling unauthorized access, lateral movement, and large-scale Distributed Denial of Service (DDoS) attacks. Existing security mechanisms such as network policies and intrusion detection systems introduce latency and performance overhead, making them less effective in dynamic Kubernetes environments. This research presents PodCA, an eBPF-based security framework designed to detect and prevent IP spoofing in real time while minimizing performance impact. PodCA… More >

Songi Gwak, Thien-Phuc Doan, Souhwan Jung^*

Intelligent Automation & Soft Computing, Vol.37, No.2, pp. 1773-1786, 2023, DOI:10.32604/iasc.2023.039565 - 21 June 2023

Abstract Containerization is a fundamental component of modern cloud-native infrastructure, and Kubernetes is a prominent platform of container orchestration systems. However, containerization raises significant security concerns due to the nature of sharing a kernel among multiple containers, which can lead to container breakout or privilege escalation. Kubernetes cannot avoid it as well. While various tools, such as container image scanning and configuration checking, can mitigate container workload vulnerabilities, these are not foolproof and cannot guarantee perfect isolation or prevent every active threat in runtime. As such, a policy enforcement solution is required to tackle the problem,… More >