中圖分類號： TP391
文獻標識碼： A
DOI： 10.19358/j.issn.2096-5133.2022.04.010
引用格式： 崔軻，燕瑋，劉子健，等. 基于OpenStack云平臺的Docker容器安全監測方法研究[J].信息技術與網絡安全，2022，41(4)：65-70.

Research on security monitoring method of Docker container engine based on OpenStack cloud platform

Abstract： With the rise of virtualization technology and container technology, container security has attracted extensive attention of society and enterprises. In view of the problems that the traditional monitoring method does not fully monitor the Docker container information and is easy to produce monitoring black holes, this paper proposes a Docker container security monitoring method under the OpenStack cloud platform. This method has strong pertinence and low resource occupancy. In addition to realizing the traditional monitoring function, this methocl can effectively monitor the malicious attacks such as DoS attack and container escape by using the Logistic-ARMA warning model and BERT sequence annotation，and realize the customized early warning functions according to different container sizes. Experimental results show that the accuracy of threat prediction in large-scale container networks can reach more than 85%.

Key words : Docker container；Logistic-ARMA；Bert sequence annotation；large scale container network