Container-based technologies have become widespread today. Docker is the most well-known. Each Docker container is self-contained and serves a single purpose. Docker-based virtualization has gained a lot of momentum in the Cybersecurity field. It is commonly used to develop distributed security systems, virtual environments for training purposes, and intentionally vulnerable honeypots deployed in the network to divert attackers. Docker can also be effectively used to train penetration testers, i.e., security professionals who mimic hackers' actions by attempting to break into a target system to find critical vulnerabilities before real attackers can exploit them. Several works have adopted container-based virtualization to realize frameworks for penetration testing. Though, there is no fully-fledged hacking toolset based on Docker. In this work, we present HOUDINI (Hundreds of Offensive and Useful Docker Images for Network Intrusion), a publicly available and easy-to-use open-source library that can be used to support security testing with Docker containers. We define Quality Criteria that must be met for an image to be included inside the HOUDINI library and benchmark our own images against community-made public alternatives. Finally, we show the effectiveness of using container-based virtualization by simulating a complete hacking session with Docker.
Container-based Virtualization for Ethical Hacking with HOUDINI / Capone, D.; Delicato, A.; Perrone, G.; Romano, S. P.. - 3488:(2023). (Intervento presentato al convegno 2023 Italian Conference on Cyber Security, ITASEC 2023 tenutosi a ita nel 2023).
Container-based Virtualization for Ethical Hacking with HOUDINI
Perrone G.;Romano S. P.
2023
Abstract
Container-based technologies have become widespread today. Docker is the most well-known. Each Docker container is self-contained and serves a single purpose. Docker-based virtualization has gained a lot of momentum in the Cybersecurity field. It is commonly used to develop distributed security systems, virtual environments for training purposes, and intentionally vulnerable honeypots deployed in the network to divert attackers. Docker can also be effectively used to train penetration testers, i.e., security professionals who mimic hackers' actions by attempting to break into a target system to find critical vulnerabilities before real attackers can exploit them. Several works have adopted container-based virtualization to realize frameworks for penetration testing. Though, there is no fully-fledged hacking toolset based on Docker. In this work, we present HOUDINI (Hundreds of Offensive and Useful Docker Images for Network Intrusion), a publicly available and easy-to-use open-source library that can be used to support security testing with Docker containers. We define Quality Criteria that must be met for an image to be included inside the HOUDINI library and benchmark our own images against community-made public alternatives. Finally, we show the effectiveness of using container-based virtualization by simulating a complete hacking session with Docker.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
