The Kubernetes Security Landscape: AI-Driven Insights from Developer Discussions | AIセキュリティポータル

EN

JA

EN

TOP 文献データベース The Kubernetes Security Landscape: AI-Driven Insights from Developer Discussions

arxiv

The Kubernetes Security Landscape: AI-Driven Insights from Developer Discussions

AIセキュリティポータルbot

文献データベースの情報は、自動的に収集されています。

Source

https://arxiv.org/abs/2409.04647

PDF

https://arxiv.org/pdf/2409.04647

文献情報

作者: J. Alexander Curtis;Nasir U. Eisty
公開日: 2024-9-7
所属機関: Computer Science Dept., Boise State University
所属の国: United States of America
会議名: Computing Research Repository (CoRR)

AIにより推定されたラベル

Kubernetesの市場動向サイバーセキュリティデータ収集

※ こちらのラベルはAIによって自動的に追加されました。そのため、正確でないことがあります。
詳細は文献データベースについてをご覧ください。

Abstract

Kubernetes, the go-to container orchestration solution, has swiftly become the industry standard for managing containers at scale in production environments. Its widespread adoption, particularly in large organizations, has elevated its profile and made it a prime target for security concerns. This study aims to understand how prevalent security concerns are among Kubernetes practitioners by analyzing all Kubernetes posts made on Stack Overflow over the past four years. We gathered security insights from Kubernetes practitioners and transformed the data through machine learning algorithms for cleaning and topic clustering. Subsequently, we used advanced AI tools to automatically generate topic descriptions, thereby reducing the analysis process. In our analysis, security-related posts ranked as the fourth most prevalent topic in these forums, comprising 12.3% of the overall discussions. Furthermore, the findings indicated that although the frequency of security discussions has remained constant, their popularity and influence have experienced significant growth. Kubernetes users consistently prioritize security topics, and the rising popularity of security posts reflects a growing interest and concern for maintaining secure Kubernetes clusters. The findings underscore key security issues that warrant further research and the development of additional tools to resolve them.

外部データセット

Kubernetes Stack Overflow posts

参考文献

Kubernetes Case Studies

Who We Are — cncf.io

Hackers exploit Tesla’s AWS servers to mine cryptocurrency

Published: 2018

Empirical Software Engineering

What are developers talking about? an analysis of topics and trends in stack overflow

A. Barua, S. W. Thomas, A. E. Hassan

Published: 2014

IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2014)

Min(e)d your tags: Analysis of question response time in StackOverflow

V. Bhat, A. Gokhale, R. Jadhav, J. Pudipeddi, L. Akoglu

Published: 2014

IEEE 15th International Conference on Cloud Computing (CLOUD)

Stay at the helm: secure kubernetes deployments via graph generation and attack reconstruction

A. Blaise, F. Rebecchi

Published: 2022

IEEE/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (En-CyCriS)

‘under-reported’ security defects in kubernetes manifests

D. B. Bose, A. Rahman, S. I. Shamim

Published: 2021

Commun. ACM

Borg, omega, and kubernetes

B. Burns, B. Grant, D. Oppenheimer, E. Brewer, J. Wilkes

Published: 2016

2015 24th Australasian Software Engineering Conference

Who will answer my question on stack overflow?

M. Choetkiertikul, D. Avery, H. K. Dam, T. Tran, A. Ghose

Published: 2015

Cloud Native Computing Foundation

resources.stackoverflow.co

Best practices for tag lifecycle management: Applying tags - Stack Overflow

S. O. contributors

Published: 2022

Front Sociol

A topic modeling comparison between LDA, NMF, Top2Vec, and BERTopic to demystify twitter posts

R. Egger, J. Yu

Published: 2022

Introducing domain-oriented microservice architecture

Bertopic: Neural topic modeling with a class-based tf-idf procedure

Maarten Grootendorst

Published: 2022

maartengr.github.io

c-TF-IDF - BERTopic

M. P. Grootendorst

IEEE Secure Development (SecDev)

XI commandments of kubernetes security: A systematization of knowledge related to kubernetes security practices

M. S. Islam Shamim, F. Ahamed Bhuiyan, A. Rahman

Published: 2020

IEEE Intl Conf on Dependable, Autonomic and Secure Computing

Design of cloud native application architecture based on kubernetes

Q. Jiao, B. Xu, Y. Fan

Published: 2021

SSRN

Gpt-4 passes the bar exam

D. M. Katz, M. J. Bommarito, S. Gao, others

Published: 2023

ACM Computing Surveys

Pre-train, prompt, and predict: A systematic survey of prompting methods in natural language processing

Pengfei Liu, Weizhe Yuan, Jinlan Fu, Zhengbao Jiang, Hiroaki Hayashi, Graham Neubig

Published: 2023

International Conference on Computing, Communication, Security and Intelligent Systems (IC3SIS)

Detection, analysis and countermeasures for container based misconfiguration using docker and kubernetes

V. B. Mahajan, S. B. Mane

Published: 2022

Comput. Electr. Eng.

Characterising resource management performance in kubernetes

V. Medel, R. Tolosana-Calasanz, J. A. Ba ñares, U. Arronategui, O. F. Rana

Published: 2018

infosecurity-magazine.com

Over Half of Users Report Kubernetes/Container Security Incidents

Published: 2023

A design analysis of cloud-based microservices architecture at netflix

Published: 2020

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

stackoverflow.com

’kubernetes’ Tag Synonyms

stackoverflow.blog

Stack Overflow trends: Weekday vs weekend site activity

Published: 2022

IEEE International Conference on Software Maintenance and Evolution

Improving low quality stack overflow post detection

L. Ponzanelli, A. Mocci, A. Bacchelli, M. Lanza, D. Fullerton

Published: 2014

ACM Trans. Softw. Eng. Methodol.

Security misconfigurations in open source kubernetes manifests: An empirical study

A. Rahman, S. I. Shamim, D. B. Bose, R. Pandita

Published: 2023

Using TF-IDF to determine word relevance in document queries

Published: 2003

Red Hat Global Customer Tech Outlook 2023: Security is the top priority as digital transformation continues

State of kubernetes security report 2023

Red Hat

Published: 2023

globenewswire.com

Global Kubernetes Market Size/Share Worth USD 7.8 Billion by 2030

Nature

Gpt-4 is here: what scientists think

Katharine Sanderson

Published: 2023

Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2021

Mitigating security attacks in kubernetes manifests for security best practices violation

S. I. Shamim

Published: 2021

2023 13th International Conference on Advanced Computer Information Technologies (ACIT)

Software for improve the security of kubernetes-based CI/CD pipeline

R. Shevchuk, M. Karpinski, M. Kasianchuk, I. Yakymenko, A. Melnyk, R. Tykhyi

Published: 2023

Information and Software Technology

A mixed method study of DevOps challenges

M. H. Tanzil, M. Sarker, G. Uddin, A. Iqbal

Published: 2023

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

2021 IEEE/ACM 29th International Conference on Program Comprehension (ICPC)

Characterization and prediction of questions without accepted answers on stack overflow

M. Yazdaninia, D. Lo, A. Sami

Published: 2021

2023 IEEE/ACM 20th International Conference on Mining Software Respositories (MSR)

Helm charts for kubernetes applications: Evolution, outdatedness and security risks

A. Zerouali, R. Opdebeeck, C. De Roover

Published: 2023

Journal of Internet Services and Applications

Cloud computing: state-of-the-art and research challenges

Q. Zhang, L. Cheng, R. Boutaba

Published: 2010