Security Challenges in Docker and

Containerized Applications: An
Experimental Review of Threats and
Mitigations
Krishna Tamakuwala1
Master of Information Technology – Whitecliffe,
1
[email protected]

1. Introduction
1.1 Docker’s History

Previously, Virtual machines were being used for deployments in specific operating system. However, the major
problem was its space requirement. So, to resolve that issue containers came in the deployment scenario.
Containers are not new technology as it were introduced in 1970 for isolated development and deployment of
application (D2iQ, 2018). These containers were used to test the code so that it cannot affect any other
environment and run in separate environment like sandbox. The biggest disadvantage of those containers was,
they were not portable and they were machine dependent (D2iQ, 2018). Containers were previously used by big
companies and not by small IT companies to fulfil their needs but it started to came in lime light as it was
evolving (D2iQ, 2018). In year 2008, LXC (Linux Containers) released and it was first and most completed
implementation of Linux based containers and they were taking significant less space because it was directly
communicating with Linux kernel (Osnat, 2010). The major change in container technology history occurred in
year 2013, Docker word was released in the market because the previous company Doc-Cloud (Currently
known as Docker) were using their own early version of docker technology and at first it was based on LXC but
after they implemented their own container manager and they released Docker 1.0 in year 2014 (Osnat, 2010;
Jhonston, 2016; Vaughan-Nichols, 2018). These docker containers also creates a virtual environment but it
different than virtual machines. Figure 1 shows that how virtual machines requires hypervisor and docker
container requires docker daemon.
 Figure 1. Virtual Machines VS Docker Containers

Most importantly, Virtual machines require own guest OS and on the other hand docker container directly
communicates with host OS. That is what makes docker different than virtual machines because it takes less
spaces. While using docker container, a user has to more careful since it directly based on Host OS and share the
same OS kernel (SULTAN, IMTIAZ, & TASSOS, 2016).

1.2 Docker’s popularity

In year 2016, docker based industries or companies’ annual revenue as $749 million, which increased by 35
percent of compound annual growth rate in year 2021 and crossed $3.4 billion. And according to Omdia
Universe, this annual revenue will be $7.5 billion by year 2025, with the compound annual growth rate of 25
percent, which is higher than many other technologies (Vaughan-Nichols, 2018; S, Sethuraman, & Khan, 2023).
As per this data it is a fact that Docker is now an essential technology and it is widely used DevOps now due to
its ability to streamline application deployment, scalability, and environment consistency. According to the State
of DevOps survey for 2023, over 68% of enterprises use Docker containers in CI/CD pipelines, providing
evidence of its dominance in modern development processes because Docker delivers a pipeline of lightweight,
portable features that significantly reduce implementation time and transaction costs making It an essential tool
for organizations. After this much popularity docker faces some security issue and vulnerabilities which can
cause a big security outbreak.

1.3 Security challenges

Docker container faces vast level of possible attacks or threats than VMs as it directly attached on Host OS
kernel and attackers have only one layer to exploit. On the other hand, in VMS attackers must first penetrate the
VMs OS layer then hypervisor layer and at last they can exploit Host OS (Jain, Singh, Khenwar, & Sharma,
2021). There are some possible attacks like Image poisoning, Denial of Service (DoS) attack or Distributed
Denial of Service (DDoS) attack, exploitation of Host kernel, Man in the middle (MITM) attack, Identity Theft,
etc. Majorly, these attacks happened because of unsecured network configuration or by not using trusted docker
images (Upadhya, Shetty, S, & Shobha, 2017).

2. Literature Review
The ease of software development and deployment doing so in a scalable manner has been greatly aided by the
increasing availability of containerized technologies such as Docker. But these benefits do carry some security
risks. This literature review summarizes research results on Docker security, focusing on vulnerabilities, attack
patterns, mitigations, and future directions.
Understanding the origins and evolution of containers is imperative to understanding their security challenges.
1970s, early containerization concepts like chroot paved the way for modern tools like Docker. From primitive
isolation techniques to tools with orchestration like Kubernetes were presented in plenty of studies such as
AquaSec (Osnat, 2010) and D2iQ (D2iQ, 2018). This documented history shows how the ease of use of Docker
has led to unintended security windows.

Security researchers have proposed various threat models to classify exploitable vulnerabilities and potential
attacks on container-based deployment scenarios. (Chamoli & Sarishma, 2021)’s research surfaces a major
kernel-level threat with shared resources in a Docker architecture. (Tomar, Jeena, Mishra, & Bisht, 2020)’s
threat classification system categorizes threats by denial of service (DoS), privilege escalation, image poisoning,
etc. This work focuses on the real-time attack scenarios, exposing shortcomings in existing defence strategies.
(S, Sethuraman, & Khan, 2023) suggests layered security approaches in meta-analyses of technology in
educational settings to mediate such threats.
References
Chamoli, S., & Sarishma. (2021). Docker Security: Architecture, Threat Model, and Best Practices.
Advances in Intelligent Systems and Computing, 253-263.

D2iQ. (2018, July 19). A Brief History of Containers. (D2iQ) Retrieved November 26, 2024, from A
Brief History of Containers: https://d2iq.com/blog/brief-history-containers

Jain, V., Singh, D. B., Khenwar, M., & Sharma, M. (2021). Static Vulnerability Analysis of Docker
Images. IOP Conference Series: Materials Science and Engineering, 1131(1), 012018.

Jhonston, S. (2016, November 23). How Docker brought containers mainstream.

Osnat, R. (2010, January 10). A Brief History of Containers: From the 1970s Till Now. (Aqua Security)
Retrieved November 26, 2024, from https://www.aquasec.com/blog/a-brief-history-of-
containers-from-1970s-chroot-to-docker-2016/

S, D. P., Sethuraman, S. C., & Khan, M. K. (2023). Container security: Precaution levels, mitigation
strategies, and research perspectives. Computers & Security, 135.

SULTAN, S., IMTIAZ, A., & TASSOS, D. (2016). Containers’ Security: Issues, Challenges, and Road
Ahead. IEEE.

Tomar, A., Jeena, D., Mishra, P., & Bisht, R. (2020). Docker Security: A Threat Model, Attack Taxonomy
and Real-Time Attack Scenario of DoS. 2020 10th International Conference on Cloud
Computing, Data Science & Engineering (Confluence) (pp. 150-155). Noida, India: IEEE.

Upadhya, S., Shetty, J., S, R. R., & Shobha, D. G. (2017). A State-of-Art Review of Docker Container
Security Issues and Solutions. American International Journal of Research in Science,
Technology, Engineering & Mathematics, 33-36.

Vaughan-Nichols, S. (2018, March 21). What is Docker and why is it so darn popular? (ZDNET)
Retrieved November 26, 2024, from https://www.zdnet.com/article/what-is-docker-and-
why-is-it-so-darn-popular/