{"id":"https://openalex.org/W4205617621","doi":"https://doi.org/10.1109/comsnets53615.2022.9668504","title":"Kub-Sec, an automatic Kubernetes cluster AppArmor profile generation engine","display_name":"Kub-Sec, an automatic Kubernetes cluster AppArmor profile generation engine","publication_year":2022,"publication_date":"2022-01-04","ids":{"openalex":"https://openalex.org/W4205617621","doi":"https://doi.org/10.1109/comsnets53615.2022.9668504"},"language":"en","primary_location":{"id":"doi:10.1109/comsnets53615.2022.9668504","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comsnets53615.2022.9668504","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 14th International Conference on COMmunication Systems &amp; NETworkS (COMSNETS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021292791","display_name":"Hui Zhu","orcid":"https://orcid.org/0000-0002-5853-633X"},"institutions":[{"id":"https://openalex.org/I187531555","display_name":"Lund University","ror":"https://ror.org/012a77v79","country_code":"SE","type":"education","lineage":["https://openalex.org/I187531555"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Hui Zhu","raw_affiliation_strings":["Department of Electrical and Information Technology, Lund University, Lund, Sweden"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Information Technology, Lund University, Lund, Sweden","institution_ids":["https://openalex.org/I187531555"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044464349","display_name":"Christian Gehrmann","orcid":"https://orcid.org/0000-0001-8003-200X"},"institutions":[{"id":"https://openalex.org/I187531555","display_name":"Lund University","ror":"https://ror.org/012a77v79","country_code":"SE","type":"education","lineage":["https://openalex.org/I187531555"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Christian Gehrmann","raw_affiliation_strings":["Department of Electrical and Information Technology, Lund University, Lund, Sweden"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Information Technology, Lund University, Lund, Sweden","institution_ids":["https://openalex.org/I187531555"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5021292791"],"corresponding_institution_ids":["https://openalex.org/I187531555"],"apc_list":null,"apc_paid":null,"fwci":6.362,"has_fulltext":false,"cited_by_count":20,"citation_normalized_percentile":{"value":0.96543102,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"129","last_page":"137"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7333263158798218},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6220741868019104},{"id":"https://openalex.org/keywords/xml","display_name":"XML","score":0.5602413415908813},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.5164761543273926},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.511468768119812},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.5043448209762573},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.49477094411849976},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49420931935310364},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.48447561264038086},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.4424325227737427},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.4232892394065857},{"id":"https://openalex.org/keywords/cluster","display_name":"Cluster (spacecraft)","score":0.4116322994232178},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3857913017272949},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.35798323154449463},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11528491973876953}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7333263158798218},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6220741868019104},{"id":"https://openalex.org/C8797682","wikidata":"https://www.wikidata.org/wiki/Q2115","display_name":"XML","level":2,"score":0.5602413415908813},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.5164761543273926},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.511468768119812},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.5043448209762573},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.49477094411849976},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49420931935310364},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.48447561264038086},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.4424325227737427},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.4232892394065857},{"id":"https://openalex.org/C164866538","wikidata":"https://www.wikidata.org/wiki/Q367351","display_name":"Cluster (spacecraft)","level":2,"score":0.4116322994232178},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3857913017272949},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.35798323154449463},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11528491973876953},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C157915830","wikidata":"https://www.wikidata.org/wiki/Q2928001","display_name":"Bubble","level":2,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C136264566","wikidata":"https://www.wikidata.org/wiki/Q159810","display_name":"Economy","level":1,"score":0.0},{"id":"https://openalex.org/C129307140","wikidata":"https://www.wikidata.org/wiki/Q6795880","display_name":"Maximum bubble pressure method","level":3,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/comsnets53615.2022.9668504","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comsnets53615.2022.9668504","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 14th International Conference on COMmunication Systems &amp; NETworkS (COMSNETS)","raw_type":"proceedings-article"},{"id":"pmh:oai:lup.lub.lu.se:911454bf-e9fb-4ed9-9bc8-bf5b18344a85","is_oa":false,"landing_page_url":"https://lup.lub.lu.se/record/911454bf-e9fb-4ed9-9bc8-bf5b18344a85","pdf_url":null,"source":{"id":"https://openalex.org/S4306400536","display_name":"Lund University Publications (Lund University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I187531555","host_organization_name":"Lund University","host_organization_lineage":["https://openalex.org/I187531555"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ISSN: 2155-2487","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6499999761581421,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G2923962978","display_name":null,"funder_award_id":"RIT17-0032,EU H2020","funder_id":"https://openalex.org/F4320320940","funder_display_name":"Stiftelsen f\u00f6r\u00a0Strategisk Forskning"}],"funders":[{"id":"https://openalex.org/F4320320940","display_name":"Stiftelsen f\u00f6r\u00a0Strategisk Forskning","ror":"https://ror.org/044wr7g58"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W2010470307","https://openalex.org/W2023953679","https://openalex.org/W2112578244","https://openalex.org/W2145287008","https://openalex.org/W2290712622","https://openalex.org/W2735380434","https://openalex.org/W2758360306","https://openalex.org/W2892624679","https://openalex.org/W2903799441","https://openalex.org/W2908043320","https://openalex.org/W2936268283","https://openalex.org/W2954388734","https://openalex.org/W2979907307","https://openalex.org/W2982662507","https://openalex.org/W2996042910","https://openalex.org/W3042606321","https://openalex.org/W3089573742","https://openalex.org/W3092118421","https://openalex.org/W3094094693","https://openalex.org/W3137157842","https://openalex.org/W3157425484","https://openalex.org/W3158045938","https://openalex.org/W3158489317","https://openalex.org/W3160370961","https://openalex.org/W3163735094","https://openalex.org/W3179169340","https://openalex.org/W3183394046","https://openalex.org/W3184498084","https://openalex.org/W6681485941","https://openalex.org/W6757328474","https://openalex.org/W6780724457","https://openalex.org/W6793756515","https://openalex.org/W6797988819","https://openalex.org/W6798954288"],"related_works":["https://openalex.org/W2367301169","https://openalex.org/W2974221847","https://openalex.org/W2352134912","https://openalex.org/W2775844720","https://openalex.org/W2001079144","https://openalex.org/W2055230095","https://openalex.org/W2048054615","https://openalex.org/W2313990708","https://openalex.org/W71401375","https://openalex.org/W3146804403"],"abstract_inverted_index":{"Kubernetes":[0],"(K8s)":[1],"is":[2,90],"one":[3,174],"of":[4,48,97,113,145,177],"the":[5,25,61,110,124,135,139,146,165,170],"best":[6],"options":[7],"available":[8],"to":[9,54,59,126],"deploy":[10],"applications":[11],"in":[12,24,67,116],"large-scale":[13],"infrastructures.":[14],"Security":[15],"has":[16],"been":[17],"a":[18,45,78,93,143,158],"big":[19],"concern":[20],"for":[21,36,64,81,102,129,157],"all":[22,29,117,181],"practitioners":[23],"K8s":[26,37,55,83,150],"eco-system.":[27],"Almost":[28],"cloud":[30],"vendors":[31],"have":[32,57],"their":[33],"security":[34,56,66,166],"solution":[35],"cluster,":[38],"pods,":[39],"workloads,":[40],"etc.":[41],"In":[42],"recent":[43,95],"years,":[44],"large":[46],"number":[47],"open-source":[49],"tools":[50],"and":[51,74,133,152],"projects":[52],"related":[53],"emerged":[58],"meet":[60],"increased":[62],"demand":[63],"enhanced":[65],"these":[68],"systems.":[69],"Following":[70],"this":[71],"general":[72],"need":[73],"trend,":[75],"we":[76],"propose":[77],"new":[79],"design":[80,89],"automatic":[82,98],"cluster":[84],"AppArmor":[85,99,127,155],"profile":[86,156],"generation.":[87],"Our":[88],"based":[91],"on":[92],"most":[94],"work":[96],"policy":[100],"generator":[101],"Docker":[103],"containers":[104,115],"called":[105],"Lic-Sec.":[106],"The":[107],"system":[108,147,171],"collects":[109],"behavioral":[111],"data":[112,125],"application":[114,131],"worker":[118],"nodes":[119],"distributively,":[120],"then":[121],"centrally":[122],"transforms":[123],"policies":[128,136,167],"each":[130],"container,":[132],"enforces":[134],"without":[137],"interrupting":[138],"service.":[140],"We":[141,162],"present":[142],"prototype":[144],"using":[148],"Google":[149],"environment":[151],"with":[153],"an":[154],"WordPress":[159],"personal":[160],"blog.":[161],"show":[163],"that":[164],"generated":[168],"by":[169],"can":[172],"defend":[173],"typical":[175],"kind":[176],"attack":[178],"which":[179],"targets":[180],"WordPress's":[182],"XML-RPC":[183],"interface.":[184]},"counts_by_year":[{"year":2025,"cited_by_count":15},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1}],"updated_date":"2026-03-31T07:56:22.981413","created_date":"2025-10-10T00:00:00"}