all InfoSec news
Timeloops: Automatic System Call Policy Learning for Containerized Microservices. (arXiv:2204.06131v3 [cs.CR] UPDATED)
cs.CR updates on arXiv.org arxiv.org
In this paper we introduce Timeloops a novel technique for automatically
learning system call filtering policies for containerized microservices
applications. At run-time, Timeloops automatically learns which system calls a
program should be allowed to invoke while rejecting attempts to call spurious
system calls. Further, Timeloops addresses many of the shortcomings of
state-of-the-art static analysis-based techniques, such as the ability to
generate tight filters for programs written in interpreted languages such as
PHP, Python, and JavaScript. Timeloops has a simple and …
automatic call containerized microservices microservices policy system