English
Related papers

Related papers: Secure Namespaced Kernel Audit for Containers

200 papers

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier

With the increasing use and adoption of cloud and cloud-native computing, the underlying technologies (i.e., containerization and virtualization) have become foundational. However, strict isolation and maintaining runtime security in these…

Cryptography and Security · Computer Science 2025-11-25 Sangam Ghimire , Nirjal Bhurtel , Roshan Sahani , Sudan Jha

Linux containers currently provide limited isolation guarantees. While containers separate namespaces and partition resources, the patchwork of mechanisms used to ensure separation cannot guarantee consistent security semantics. Even worse,…

Cryptography and Security · Computer Science 2021-02-16 William Findlay , David Barrera , Anil Somayaji

Searchable Symmetric Encryption (SSE) allows users to search over encrypted data stored on untrusted servers, like cloud providers. While SSE hides the content of queries and documents, it still leaks patterns, such as how often a query is…

Cryptography and Security · Computer Science 2026-03-10 Chinecherem Dimobi

With rapid improvements in NVM storage devices, the performance bottleneck is gradually shifting to the network, thus giving rise to the notion of "data movement wall". To reduce the amount of data movement over the network, researchers…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-02-27 Kornilios Kourtis , Animesh Trivedi , Nikolas Ioannou

This study investigates the potential of WebAssembly as a more secure and efficient alternative to Linux containers for executing untrusted code in cloud computing with Kubernetes. Specifically, it evaluates the security and performance…

Cryptography and Security · Computer Science 2024-11-07 Jasper Alexander Wiegratz

eBPF is a technology that allows developers to safely extend kernel functionality without modifying kernel source code or developing loadable kernel modules. Since the kernel governs critical system operations and enforces isolation…

Programming Languages · Computer Science 2025-07-15 Swarn Priya , Frédéric Besson , Connor Sughrue , Tim Steenvoorden , Jamie Fulford , Freek Verbeek , Binoy Ravindran

Extended Berkeley Packet Filter (eBPF) is a runtime that enables users to load programs into the operating system (OS) kernel, like Linux or Windows, and execute them safely and efficiently at designated kernel hooks. Each program passes…

Existing tamper-evident logging systems suffer from high overhead and severe data loss in high-load settings, yet only provide coarse-grained tamper detection. Moreover, installing such systems requires recompiling kernel code. To address…

Cryptography and Security · Computer Science 2025-09-09 Rui Zhao , Muhammad Shoaib , Viet Tung Hoang , Wajih Ul Hassan

System call filtering is a widely used security mechanism for protecting a shared OS kernel against untrusted user applications. However, existing system call filtering techniques either are too expensive due to the context switch overhead…

Inaccuracies in conventional dependency-tracking methods frequently undermine the security and integrity of modern software supply chains. This paper introduces a kernel-level framework leveraging extended Berkeley Packet Filter (eBPF) to…

Cryptography and Security · Computer Science 2025-03-05 Naveen Srinivasan , Nathan Naveen , Neil Naveen

Extended Berkeley Packet Filter (BPF) has emerged as a powerful method to extend packet-processing functionality in the Linux operating system. BPF allows users to write code in high-level languages (like C or Rust) and execute them at…

Networking and Internet Architecture · Computer Science 2021-07-16 Qiongwen Xu , Michael D. Wong , Tanvi Wagle , Srinivas Narayana , Anirudh Sivaraman

For safety reasons, unprivileged users today have only limited ways to customize the kernel through the extended Berkeley Packet Filter (eBPF). This is unfortunate, especially since the eBPF framework itself has seen an increase in scope…

Operating Systems · Computer Science 2023-08-16 Soo Yee Lim , Xueyuan Han , Thomas Pasquier

The extended Berkeley Packet Filter (eBPF) is useful for faster packet processing and network monitoring in softwarized deployments. Similarly, softwarized deployments of 5G core network services adopted eBPF to meet the stringent latency…

Networking and Internet Architecture · Computer Science 2026-03-23 Yash Deshpande , Samaresh Bera

Audit logs serve as a critical component in enterprise business systems and are used for auditing, storing, and tracking changes made to the data. However, audit logs are vulnerable to a series of attacks enabling adversaries to tamper data…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-07-25 Ashar Ahmad , Muhammad Saad , Aziz Mohaisen

As cloud computing continues to advance and become an integral part of modern IT infrastructure, container security has emerged as a critical factor in ensuring the smooth operation of cloud-native applications. An attacker can attack the…

Cryptography and Security · Computer Science 2025-09-22 Kai Tan , Dongyang Zhan , Lin Ye , Hongli Zhang , Binxing Fang , Zhihong Tian

Extended Berkeley Packet Filter (eBPF) programs are kernel extensions used for networking, observability, and security enforcement in the Linux kernel. The in-kernel eBPF verifier checks low-level memory safety and termination on eBPF…

Cryptography and Security · Computer Science 2026-05-26 Vishnu Asutosh Dasu , Monika Santra , Md Rafi Ur Rashid , Ashish Kumar , Saeid Tizpaz-Niari , Gang Tan

Kubernetes multi-cluster deployments demand scalable and privacy-preserving anomaly detection. Existing eBPF-based monitors provide low-overhead system and network visibility but are limited to single clusters, while centralized approaches…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-10-14 Sehar Zehra , Hassan Jamil Syed , Ummay Faseeha

The overhead of the kernel storage path accounts for half of the access latency for new NVMe storage devices. We explore using BPF to reduce this overhead, by injecting user-defined functions deep in the kernel's I/O processing stack. When…

Operating Systems · Computer Science 2021-02-26 Yu Jian Wu , Hongyi Wang , Yuhong Zhong , Asaf Cidon , Ryan Stutsman , Amy Tai , Junfeng Yang

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin
‹ Prev 1 2 3 10 Next ›