{"id":"https://openalex.org/W4412623215","doi":"https://doi.org/10.1109/access.2025.3592192","title":"DeSFAM: An Adaptive eBPF and AI-Driven Framework for Securing Cloud Containers in Real Time","display_name":"DeSFAM: An Adaptive eBPF and AI-Driven Framework for Securing Cloud Containers in Real Time","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4412623215","doi":"https://doi.org/10.1109/access.2025.3592192"},"language":"en","primary_location":{"id":"doi:10.1109/access.2025.3592192","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3592192","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2025.3592192","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092089408","display_name":"Sehar Zehra","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Sehar Zehra","raw_affiliation_strings":["Department of Computer Science, FAST National University of Computer and Emerging Sciences, Karachi, Pakistan","National University of Computer &#x0026; Emerging Sciences (FAST), Karachi, Pakistan"],"raw_orcid":"https://orcid.org/0009-0007-7595-1221","affiliations":[{"raw_affiliation_string":"Department of Computer Science, FAST National University of Computer and Emerging Sciences, Karachi, Pakistan","institution_ids":["https://openalex.org/I201384688"]},{"raw_affiliation_string":"National University of Computer &#x0026; Emerging Sciences (FAST), Karachi, Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023776758","display_name":"Hassan Jamil Syed","orcid":"https://orcid.org/0000-0002-1834-1810"},"institutions":[{"id":"https://openalex.org/I181397559","display_name":"Asia Pacific University of Technology & Innovation","ror":"https://ror.org/03c52a632","country_code":"MY","type":"education","lineage":["https://openalex.org/I181397559"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Hassan Jamil Syed","raw_affiliation_strings":["Asia Pacific University of Technology and Innovation (APU), Kuala Lumpur, Malaysia","Asia Pacific University of Technology &#x0026; Innovation (APU), Bukit Jalil, Kuala Lumpur, Malaysia"],"raw_orcid":"https://orcid.org/0000-0002-1834-1810","affiliations":[{"raw_affiliation_string":"Asia Pacific University of Technology and Innovation (APU), Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I181397559"]},{"raw_affiliation_string":"Asia Pacific University of Technology &#x0026; Innovation (APU), Bukit Jalil, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I181397559"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011416254","display_name":"Fahad Samad","orcid":"https://orcid.org/0000-0003-3833-2644"},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Fahad Samad","raw_affiliation_strings":["Department of Cyber Security, FAST National University of Computer and Emerging Sciences, Karachi, Pakistan","National University of Computer &#x0026; Emerging Sciences (FAST), Karachi, Pakistan"],"raw_orcid":"https://orcid.org/0000-0003-3833-2644","affiliations":[{"raw_affiliation_string":"Department of Cyber Security, FAST National University of Computer and Emerging Sciences, Karachi, Pakistan","institution_ids":["https://openalex.org/I201384688"]},{"raw_affiliation_string":"National University of Computer &#x0026; Emerging Sciences (FAST), Karachi, Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031435855","display_name":"Ummay Faseeha","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Ummay Faseeha","raw_affiliation_strings":["Department of Computer Science, FAST National University of Computer and Emerging Sciences, Karachi, Pakistan","National University of Computer &#x0026; Emerging Sciences (FAST), Karachi, Pakistan"],"raw_orcid":"https://orcid.org/0009-0000-5276-1504","affiliations":[{"raw_affiliation_string":"Department of Computer Science, FAST National University of Computer and Emerging Sciences, Karachi, Pakistan","institution_ids":["https://openalex.org/I201384688"]},{"raw_affiliation_string":"National University of Computer &#x0026; Emerging Sciences (FAST), Karachi, Pakistan","institution_ids":["https://openalex.org/I201384688"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":4.2352,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.94545479,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":"13","issue":null,"first_page":"139203","last_page":"139224"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9485999941825867,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9485999941825867,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9376000165939331,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9352999925613403,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.8021807670593262},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7565060257911682},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.36709678173065186},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3005843460559845}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.8021807670593262},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7565060257911682},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.36709678173065186},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3005843460559845}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2025.3592192","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3592192","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:b6e7083533a0467bbb90cbe6e69c62e9","is_oa":true,"landing_page_url":"https://doaj.org/article/b6e7083533a0467bbb90cbe6e69c62e9","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 13, Pp 139203-139224 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2025.3592192","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3592192","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320316822","display_name":"Asia Pacific University of Technology and Innovation","ror":"https://ror.org/03c52a632"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W3089573742","https://openalex.org/W3193476905","https://openalex.org/W3211889887","https://openalex.org/W4200524314","https://openalex.org/W4285296336","https://openalex.org/W4285324995","https://openalex.org/W4308391469","https://openalex.org/W4313187022","https://openalex.org/W4362644874","https://openalex.org/W4366377764","https://openalex.org/W4375951735","https://openalex.org/W4380793018","https://openalex.org/W4386946955","https://openalex.org/W4387006413","https://openalex.org/W4388453755","https://openalex.org/W4391944556","https://openalex.org/W4392024464","https://openalex.org/W4393118739","https://openalex.org/W4393146115","https://openalex.org/W4394565171","https://openalex.org/W4397000567","https://openalex.org/W4399486549","https://openalex.org/W4399487367","https://openalex.org/W4399939923","https://openalex.org/W4400033527","https://openalex.org/W4400583065","https://openalex.org/W4400680179","https://openalex.org/W4401943817","https://openalex.org/W4402264034","https://openalex.org/W4403826838","https://openalex.org/W4404294820","https://openalex.org/W4404788077","https://openalex.org/W4405194937","https://openalex.org/W4406824422","https://openalex.org/W4409103059"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4244478748","https://openalex.org/W3150465815","https://openalex.org/W4223488648","https://openalex.org/W2134969820","https://openalex.org/W2251605416","https://openalex.org/W1997222214","https://openalex.org/W2560439919"],"abstract_inverted_index":{"Containerized":[0],"applications":[1],"offer":[2],"lightweight":[3],"and":[4,25,37,50,68,81,84,92,100,115,129],"scalable":[5],"deployment":[6],"but":[7],"remain":[8],"exposed":[9],"to":[10,14],"security":[11,30],"risks":[12],"due":[13],"a":[15,28,60],"shared":[16],"kernel.":[17],"We":[18],"present":[19],"DeSFAM":[20,41,106,121],"(Dynamic":[21],"eBPF-driven":[22],"Syscall":[23],"Filtering":[24],"Anomaly":[26,58],"Mitigation),":[27],"real-time":[29],"framework":[31],"that":[32],"enforces":[33],"least-privilege":[34],"syscall":[35,45,87,130],"usage":[36],"detects":[38],"behavioral":[39],"anomalies.":[40],"integrates:":[42],"(i)":[43],"hybrid":[44],"profiling":[46],"through":[47],"static":[48],"analysis":[49],"dynamic":[51],"eBPF":[52,90],"tracing;":[53],"(ii)":[54],"SyscallAD":[55],"(System":[56],"call":[57],"Detection),":[59],"low-latency":[61],"anomaly":[62],"detector":[63],"combining":[64],"Variational":[65],"Autoencoder":[66],"(VAE)":[67],"Isolation":[69],"Forest":[70],"(iForest);":[71],"(iii)":[72],"contextual":[73],"risk":[74],"scoring":[75],"based":[76],"on":[77],"MITRE":[78],"ATT&CK":[79],"mappings":[80],"CVE":[82,102],"correlations;":[83],"(iv)":[85],"adaptive":[86],"enforcement":[88,113],"using":[89,96],"maps":[91],"LSM":[93],"hooks.":[94],"Evaluations":[95],"the":[97],"DongTing":[98],"dataset":[99],"real-world":[101],"attack":[103],"scenarios":[104],"show":[105],"achieves":[107],"94%":[108],"precision,":[109],"90%":[110],"recall,":[111],"sub-millisecond":[112],"latency,":[114],"less":[116],"than":[117],"1%":[118],"performance":[119],"overhead.":[120],"effectively":[122],"blocks":[123],"privilege":[124],"escalation,":[125],"container":[126,135],"escape":[127],"attempts,":[128],"injection":[131],"attacks":[132],"in":[133],"modern":[134],"environments.":[136]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-20T22:02:38.213706","created_date":"2025-10-10T00:00:00"}