No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
build
demo5
endpoint
flaskAPI
images
lib
master
presentations
registry
scripts
.gitignore
CSD project details proposal.pdf
License.txt
README.textile
RabbitMQ.md
utils.py

README.textile

Container Safety Determination (CSD) is an open source scanning and monitoring tool that lets engineers examine the safety state of their containers. The tool works for both images and containers, and can be configured to work without user intervention.

CSD detects suspicious files by comparing all the files of a given image with a database of known malicious and non-malicious binaries in order to determine how safe an image is. The security engineer works on the feedback received for a particular image and takes action accordingly.

Rahul Sharma
Jeremy Mwenda
Renqing Gao
Kostas Papadopoulos

Mentored by: Sastry S Duri (IBM Research)


Project Demo

Prerequisites
sudo apt-get -y install python-pip rabbitmq-server git wget clamav docker-compose
sudo pip install Flask
pip install elasticsearch
pip install pika
pip install -U flask-cors
Docker installation
wget -qO- https://get.docker.com/ | sh
sudo usermod -aG docker $(whoami)
reboot
Installation:
Installation steps

What it does:

Detect New Image —> Pull —> Hash —> Compare

CSD works by listening for notifications from an assigned Docker registry. Whenever someone pushes a new image, CSD pulls that image and proceeds to compute similarity digest hashes of all its files. CSD utilizes sdhash to compare files from an image to a reference data set of known files stored in elasticsearch database. The files that are not found in the database or are deemed to be different from the reference files, can then be sent to external scanning tools for further analysis. We have currently integrated ClamAV as an external scanner for such files.

The end-goal of the CSD design is to provide a customizable and scalable way for engineers to check safety related attributes of image files in order to help them decide the if an image is safe.


More detailed documentation of our project can be found on the project wiki page. The wiki includes:

Contributors: