An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository

Bibliographic Details
Main Authors: Maram Aldiabat, Qussai M. Yaseen, Qusai Abu Ein
Format: Article
Language: English
Published: IEEE 2024-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/10768874/
Description
Summary: The number of exploits of Docker images involving the injection of adversarial behaviors into the image’s layers is increasing immensely. Docker images are a fundamental component of Docker. Therefore, developing a machine learning classifier that effectively predicts and classifies whether a Docker image contains injected malicious behaviors is crucial as a proactive approach. This paper proposes a machine learning model to assess the feasibility of employing machine learning algorithms for detecting the security status of Docker images available in the Docker Hub repository. The paper develops a machine learning model for detecting malicious Docker images by using a newly created dataset containing Docker images associated with 14 corresponding features that were specifically chosen as they are critical indicators of potential security risks in Docker images, and the dataset was published for research purposes. Moreover, the paper developed and tested several machine learning algorithms using Docker image features: Naïve Bayes, Decision Tree, Random Forest, Gradient Boosting, Extreme Gradient Boosting, and Neural Network. The results show that the Random Forest classifier demonstrates exceptional accuracy, achieving a 99% F1-score and an AUC of 100%. This performance refers to its capability to accurately classify the images and effectively distinguish between secure and insecure images, in addition to the minimal error rate of less than 1%, outperforming state-of-the-art models to identify malicious Docker images.
ISSN: 2169-3536