{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:45:57Z","timestamp":1773153957814,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":24,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,12,9]],"date-time":"2019-12-09T00:00:00Z","timestamp":1575849600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,12,9]]},"DOI":"10.1145\/3366615.3368356","type":"proceedings-article","created":{"date-parts":[[2019,11,8]],"date-time":"2019-11-08T13:40:33Z","timestamp":1573220433000},"page":"31-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Can Container Fusion Be Securely Achieved?"],"prefix":"10.1145","author":[{"given":"Sahil","family":"Suneja","sequence":"first","affiliation":[{"name":"IBM Research, NY, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ali","family":"Kanso","sequence":"additional","affiliation":[{"name":"IBM Research, NY, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Canturk","family":"Isci","sequence":"additional","affiliation":[{"name":"IBM Research, NY, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Designing Fine-Grained Systems. O'reilly Media","author":"Building Microservices Sam Newman","year":"2018","unstructured":"Sam Newman Building Microservices : Designing Fine-Grained Systems. O'reilly Media , Inc , USA -- 2018 Sam Newman Building Microservices: Designing Fine-Grained Systems. O'reilly Media, Inc, USA -- 2018"},{"key":"e_1_3_2_1_2_1","volume-title":"from research to practice","author":"Wilde Erik","year":"2014","unstructured":"Erik Wilde , Rest : from research to practice . Springer 2014 Erik Wilde, Rest: from research to practice. Springer 2014"},{"key":"e_1_3_2_1_3_1","volume-title":"available at: https:\/\/istio.io, accessed on","author":"Mesh Istio Service","year":"2019","unstructured":"Istio Service Mesh , available at: https:\/\/istio.io, accessed on September 2019 . Istio Service Mesh, available at: https:\/\/istio.io, accessed on September 2019."},{"key":"e_1_3_2_1_4_1","volume-title":"Sahil Suneja and Canturk Isci, \"RECap: Run-Escape Capsule for On-demand Managed Service Delivery in the Cloud\", in the proceedings of the 10th Workshop on Hot Topics in Cloud Computing","author":"Nadgowda Shripad","year":"2018","unstructured":"Shripad Nadgowda , Sahil Suneja and Canturk Isci, \"RECap: Run-Escape Capsule for On-demand Managed Service Delivery in the Cloud\", in the proceedings of the 10th Workshop on Hot Topics in Cloud Computing . Boston, USA. 2018 Shripad Nadgowda, Sahil Suneja and Canturk Isci, \"RECap: Run-Escape Capsule for On-demand Managed Service Delivery in the Cloud\", in the proceedings of the 10th Workshop on Hot Topics in Cloud Computing. Boston, USA. 2018"},{"key":"e_1_3_2_1_5_1","unstructured":"CVE-2014-4701: nagios-plugins: check_dhcp Arbitrary Option File Read. https:\/\/access.redhat.com\/security\/cve\/cve-2014-4701.  CVE-2014-4701: nagios-plugins: check_dhcp Arbitrary Option File Read. https:\/\/access.redhat.com\/security\/cve\/cve-2014-4701."},{"key":"e_1_3_2_1_6_1","unstructured":"CVE-2013-4215: nagios plugins: IPXPING_COMMAND uses fixed location in \/tmp. https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=957482.  CVE-2013-4215: nagios plugins: IPXPING_COMMAND uses fixed location in \/tmp. https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=957482."},{"key":"e_1_3_2_1_7_1","unstructured":"CVE-2018-18245: Advisory: Nagios Core Stored XSS via Plugin Out- put. https:\/\/herolab.usd.de\/wp-content\/uploads\/sites\/4\/2018\/12\/usd20180026.txt.  CVE-2018-18245: Advisory: Nagios Core Stored XSS via Plugin Out- put. https:\/\/herolab.usd.de\/wp-content\/uploads\/sites\/4\/2018\/12\/usd20180026.txt."},{"key":"e_1_3_2_1_8_1","unstructured":"The New Stack. TOOLS AND PROCESSES FOR MONITORING CONTAINERS. https:\/\/thenewstack.io\/identifying-collecting-container-data\/.  The New Stack. TOOLS AND PROCESSES FOR MONITORING CONTAINERS. https:\/\/thenewstack.io\/identifying-collecting-container-data\/."},{"key":"e_1_3_2_1_9_1","unstructured":"seccomp - operate on Secure Computing state of the process. http:\/\/man7.org\/linux\/man-pages\/man2\/seccomp.2.html.  seccomp - operate on Secure Computing state of the process. http:\/\/man7.org\/linux\/man-pages\/man2\/seccomp.2.html."},{"key":"e_1_3_2_1_10_1","unstructured":"netfilter \/ iptables. https:\/\/www.netfilter.org\/.  netfilter \/ iptables. https:\/\/www.netfilter.org\/."},{"key":"e_1_3_2_1_11_1","unstructured":"Overview of Linux capabilities. http:\/\/man7.org\/linux\/man-pages\/man7\/capabilities.7.html.  Overview of Linux capabilities. http:\/\/man7.org\/linux\/man-pages\/man7\/capabilities.7.html."},{"key":"e_1_3_2_1_12_1","unstructured":"Overview of Linux namespaces. http:\/\/man7.org\/linux\/man-pages\/man7\/namespaces.7.html.  Overview of Linux namespaces. http:\/\/man7.org\/linux\/man-pages\/man7\/namespaces.7.html."},{"key":"e_1_3_2_1_13_1","unstructured":"Linux Man Pages. collectd_selinux: Security Enhanced Linux Policy for the collectd processes. https:\/\/www.systutorials.com\/docs\/linux\/man\/8-collectd_selinux\/.  Linux Man Pages. collectd_selinux: Security Enhanced Linux Policy for the collectd processes. https:\/\/www.systutorials.com\/docs\/linux\/man\/8-collectd_selinux\/."},{"key":"e_1_3_2_1_14_1","first-page":"2","volume-title":"USENIX Security Symposium","volume":"46","author":"Watson R. N.","year":"2010","unstructured":"R. N. Watson , J. Anderson , B. Laurie , and K. Kennaway . Capsicum: Practical capabilities for unix . In USENIX Security Symposium , volume 46 , page 2 , 2010 . R. N. Watson, J. Anderson, B. Laurie, and K. Kennaway. Capsicum: Practical capabilities for unix. In USENIX Security Symposium, volume 46, page 2, 2010."},{"key":"e_1_3_2_1_15_1","unstructured":"Offensive Security. Exploit Database. https:\/\/www.exploit-db.com\/.  Offensive Security. Exploit Database. https:\/\/www.exploit-db.com\/."},{"issue":"1","key":"e_1_3_2_1_16_1","first-page":"31","volume":"24","author":"Hunt P.","year":"2003","unstructured":"P. Hunt and S. Hansman . A taxonomy of network and computer attack method- ologies. Computers and Security , 24 ( 1 ): 31 -- 43 , 2003 . P. Hunt and S. Hansman. A taxonomy of network and computer attack method- ologies. Computers and Security, 24(1):31--43, 2003.","journal-title":"Computers and Security"},{"key":"e_1_3_2_1_17_1","unstructured":"CVE-2007-5623 nagios-plugins check_snmp possible buffer overflow. https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=348731.  CVE-2007-5623 nagios-plugins check_snmp possible buffer overflow. https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=348731."},{"key":"e_1_3_2_1_18_1","unstructured":"Dawid Golunski. Nagios-Exploit-Root-PrivEsc-CVE- 2016-9566. https:\/\/legalhackers.com\/advisories\/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html.  Dawid Golunski. Nagios-Exploit-Root-PrivEsc-CVE- 2016-9566. https:\/\/legalhackers.com\/advisories\/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html."},{"key":"e_1_3_2_1_19_1","unstructured":"Metasploit | Penetration Testing Software. https:\/\/www.metasploit.com\/.  Metasploit | Penetration Testing Software. https:\/\/www.metasploit.com\/."},{"key":"e_1_3_2_1_20_1","unstructured":"Metasploitable 2 Exploitability Guide. https:\/\/metasploit.help.rapid7.com\/docs\/metasploitable-2-exploitability-guide.  Metasploitable 2 Exploitability Guide. https:\/\/metasploit.help.rapid7.com\/docs\/metasploitable-2-exploitability-guide."},{"key":"e_1_3_2_1_21_1","volume-title":"Attack and Defend: Linux Privilege Escalation Techniques of","author":"Long Michael C.","year":"2016","unstructured":"Michael C. Long . Attack and Defend: Linux Privilege Escalation Techniques of 2016 . https:\/\/www.sans.org\/reading-room\/whitepapers\/linux\/attack-defend-linux-privilege-escalation-techniques-2016-37562. Michael C. Long. Attack and Defend: Linux Privilege Escalation Techniques of 2016. https:\/\/www.sans.org\/reading-room\/whitepapers\/linux\/attack-defend-linux-privilege-escalation-techniques-2016-37562."},{"key":"e_1_3_2_1_22_1","unstructured":"Kubernetes: Production-Grade Container Orchestration http:\/\/kubernetes.io  Kubernetes: Production-Grade Container Orchestration http:\/\/kubernetes.io"},{"key":"e_1_3_2_1_23_1","unstructured":"Docker - Build Ship and Run Any App Anywhere. https:\/\/www.docker.com\/.  Docker - Build Ship and Run Any App Anywhere. https:\/\/www.docker.com\/."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1355284.1355292"}],"event":{"name":"Middleware '19: 20th International Middleware Conference","location":"Davis CA USA","acronym":"Middleware '19","sponsor":["ACM Association for Computing Machinery","IFIP"]},"container-title":["Proceedings of the 5th International Workshop on Container Technologies and Container Clouds"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3366615.3368356","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3366615.3368356","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:13:33Z","timestamp":1750202013000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3366615.3368356"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,12,9]]},"references-count":24,"alternative-id":["10.1145\/3366615.3368356","10.1145\/3366615"],"URL":"https:\/\/doi.org\/10.1145\/3366615.3368356","relation":{},"subject":[],"published":{"date-parts":[[2019,12,9]]},"assertion":[{"value":"2019-12-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}