NODE LEVEL CONTAINER MUTATION DETECTION

NODE LEVEL CONTAINER MUTATION DETECTION

A computer-implemented method for determining container information associated with detected container mutation events is disclosed. The computer-implemented method includes: determining that a system call event to a host operating system includes a call to join a namespace and execute a parent proc...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Watanabe, Yuji, Kudo, Ruriko, Kitahara, Hirokuni, Gajananan, Kugamoorthy
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A computer-implemented method for determining container information associated with detected container mutation events is disclosed. The computer-implemented method includes: determining that a system call event to a host operating system includes a call to join a namespace and execute a parent process inside the namespace; determining that the namespace is associated with an existing container; responsive to determining that the namespace is associated with an existing container, determining that the system call event further includes a call to execute a child process inside the namespace; and responsive to determining that the system call event further includes a call to execute a child process inside the namespace: designating the child process as a mutation event to the existing container, and determining container information associated with the mutation event to the existing container. A corresponding computer system and computer program product are also disclosed.