Secure Container Deployment Using Runtime Threat Detection and Image Hardening Techniques in Kubernetes Environments
Keywords:
Kubernetes Security, Container Hardening, Runtime Threat Detection, Cloud-Native Security, DevSecOpsAbstract
Containerized workloads orchestrated by Kubernetes have become foundational to modern cloud-native systems, yet they introduce complex security challenges across the software supply chain and runtime layers. This research paper investigates secure container deployment by integrating image hardening techniques with runtime threat detection mechanisms in Kubernetes environments. The study synthesizes research and proposes a layered security workflow combining static image analysis, policy enforcement, and behavioral monitoring. Conceptual diagrams, charts, and tables are used to illustrate architectural flows and risk distributions. The paper highlights how defense-in-depth strategies significantly reduce attack surfaces and improve incident response readiness.
References
(1) Merkel, D. (2014). Linux Containers. Linux Journal, Vol. 2014, Issue 239.
(2) Pahl, C. (2015). Containerization and the PaaS Cloud. IEEE Cloud Computing, Vol. 2, Issue 3.
(3) Gundaboina, A. (2024). HITRUST Certification Best Practices: Streamlining Compliance for Healthcare Cloud Solutions. International Journal of Computer Science and Information Technology Research, 5(1), 76–94. https://ijcsitr.org/index.php/home/article/view/IJCSITR_2024_05_01_008
(4) Burns, B., Grant, B., Oppenheimer, D. (2016). Borg, Omega, and Kubernetes. ACM Queue, Vol. 14, Issue 1.
(5) Zhang, Q., Chen, M. (2018). Security Analysis of Container Platforms. Future Generation Computer Systems, Vol. 87, Issue 1.
(6) Aquino, J., et al. (2019). Container Image Security. Journal of Cloud Computing, Vol. 8, Issue 1.
(7) Gundaboina, A. (2024). Automated Patch Management for Endpoints: Ensuring Compliance in Healthcare and Education Sectors. International Journal of Computer Science and Information Technology Research (IJCSITR), 5(2), 114–134. https://doi.org/10.63530/IJCSITR_2024_05_02_010
(8) Sharma, P., Coyne, R. (2020). Policy-Driven Container Security. IEEE Software, Vol. 37, Issue 5.
(9) Liu, Y., et al. (2021). Runtime Intrusion Detection for Containers. Computers & Security, Vol. 104, Issue 1.
(10) Rahman, A., et al. (2023). Survey of Kubernetes Security. ACM Computing Surveys, Vol. 55, Issue 4.
(11) Gundaboina, A. (2024). Application Protection Platforms (CNAPP) for Healthcare: Safeguarding Patient Data in Cloud Infrastructure. International Journal of Innovative Research in Engineering & Multidisciplinary Physical Sciences, 12(5), 1–12. https://doi.org/10.37082/IJIRMPS.v12.i5.232622
(12) Zhang, T. (2019). Microservice Security Patterns. Software: Practice and Experience, Vol. 49, Issue 7.
(13) Xu, L. (2020). Cloud-Native Threat Models. IEEE Access, Vol. 8, Issue 1.
(14) Behl, A. (2021). DevSecOps for Containers. Information Systems Frontiers, Vol. 23, Issue 6.
(15) Gundaboina A. DevSecOps in Healthcare: Building Secure and Compliant Patient Engagement Applications. J Artif Intell Mach Learn & Data Sci 2024 2(4), 3052-3059. DOI: doi.org/10.51219/JAIMLD/anjan-gundaboina/629
(16) Kim, H. (2018). Kernel Attack Surfaces. Journal of Systems Architecture, Vol. 90, Issue 1.
(17) Singh, R. (2022). Behavior-Based Detection in Cloud. Journal of Network and Computer Applications, Vol. 198, Issue 1.
(18) Patel, S. (2017). Secure Software Supply Chains. Computer, Vol. 50, Issue 6.
(19) Gundaboina, A. (2022). Quantum Computing and Cloud Security: Future-Proofing Healthcare Data Protection. International Journal for Multidisciplinary Research, 4(4), 1–12. https://doi.org/10.36948/ijfmr.2022.v04i04.61014
(20) Oliveira, F. (2024). Zero-Trust Kubernetes Security. IEEE Security & Privacy, Vol. 22, Issue 1.
Downloads
Published
Issue
Section
Deprecated: urlencode(): Passing null to parameter #1 ($string) of type string is deprecated in /home/u877385332/domains/ijraics.com/public_html/plugins/generic/pflPlugin/PflPlugin.php on line 216
