Container Attack Surface Reduction Beyond Name Space Isolation

Conference:  BlackHat EU 2018



The presentation discusses the need for specialized API versions and container images to improve cybersecurity and DevOps practices.
  • Specialized API versions can be created to identify and enforce policies on critical API functions
  • Container images should be designed with a single purpose and tailored to only include necessary components to reduce vulnerabilities
  • Automated vulnerability scanning can help identify and mitigate potential risks
The presenters discovered that many of the top 20 Docker images on Docker Hub had triple digit vulnerabilities, highlighting the need for improved container image design and vulnerability management.


Public container images are riddled with vulnerabilities. We've analyzed the top 100 official Docker images present on DockerHub and found thousands of vulnerabilities and misconfigurations. Many of these vulnerabilities lie not within the application itself but in dependencies, binaries, and file/user/network permissions that are not required for the application to run. This issue has been recently mitigated by using a smaller base image layer such as Alpine, Minideb, and Cirros. While this is a step forward to reduce the attack surface, this is still not enough. Like Unix tools, containers should be atomic in nature and fulfill only one task efficiently. In the context of containers, this means a container should be tailored to run one application only. It means only the required libraries, binaries, files, and network protocols to support a given application should be present. Our approach tackles this problem by using a fine-grained container-wide profiling tool we developed to identify the subset of resources that the application absolutely needs in order to perform its normal operation. The output of our tool is then used to guide the container re-creation process to generate a new unique container image tailored specifically to only support the given application. This new container image not only contains the minimum set of dependencies, but is also hardened with strict lock down policies which are enforced at runtime at the system API level to support only the application's intended operations, and neutralize any unneeded functionality that may be of use to exploits. In a preprocessing phase, the tool analyzes each application to pinpoint the call sites of potentially useful (to attackers) system API functions, and uses backwards data flow analysis to derive their expected argument values and generate whitelisting policies in a best-effort way. At runtime, the system exposes to the protected application only specialized versions of these critical API functions, and blocks any invocation that violates the enforced policy.We've tested our approach on thousands of containers and will present results that demonstrate that our approach not only successfully removed 50%-70% of the known vulnerabilities in the tested images, but can also effectively block many zero-day attacks.