{"id":"https://openalex.org/W4296916870","doi":"https://doi.org/10.1109/tnet.2022.3206781","title":"Secure Inter-Container Communications Using XDP/eBPF","display_name":"Secure Inter-Container Communications Using XDP/eBPF","publication_year":2022,"publication_date":"2022-09-22","ids":{"openalex":"https://openalex.org/W4296916870","doi":"https://doi.org/10.1109/tnet.2022.3206781"},"language":"en","primary_location":{"id":"doi:10.1109/tnet.2022.3206781","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tnet.2022.3206781","pdf_url":null,"source":{"id":"https://openalex.org/S62238642","display_name":"IEEE/ACM Transactions on Networking","issn_l":"1063-6692","issn":["1063-6692","1558-2566"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE/ACM Transactions on Networking","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042262858","display_name":"Jaehyun Nam","orcid":"https://orcid.org/0000-0001-8907-5495"},"institutions":[{"id":"https://openalex.org/I89015989","display_name":"Dankook University","ror":"https://ror.org/058pdbn81","country_code":"KR","type":"education","lineage":["https://openalex.org/I89015989"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Jaehyun Nam","raw_affiliation_strings":["Department of Computer Engineering, Dankook University, Yongin, South Korea"],"affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Dankook University, Yongin, South Korea","institution_ids":["https://openalex.org/I89015989"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053088189","display_name":"Seungsoo Lee","orcid":"https://orcid.org/0000-0002-6883-1869"},"institutions":[{"id":"https://openalex.org/I146429904","display_name":"Incheon National University","ror":"https://ror.org/02xf7p935","country_code":"KR","type":"education","lineage":["https://openalex.org/I146429904"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Seungsoo Lee","raw_affiliation_strings":["Department of Computer Science and Engineering, Incheon National University, Incheon, South Korea"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Incheon National University, Incheon, South Korea","institution_ids":["https://openalex.org/I146429904"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022253423","display_name":"Phillip Porras","orcid":"https://orcid.org/0000-0003-4661-2443"},"institutions":[{"id":"https://openalex.org/I1298353152","display_name":"SRI International","ror":"https://ror.org/05s570m15","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I1298353152"]},{"id":"https://openalex.org/I4210099336","display_name":"Menlo School","ror":"https://ror.org/01240pn49","country_code":"US","type":"education","lineage":["https://openalex.org/I4210099336"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Phillip Porras","raw_affiliation_strings":["SRI International, Menlo Park, CA, USA"],"affiliations":[{"raw_affiliation_string":"SRI International, Menlo Park, CA, USA","institution_ids":["https://openalex.org/I1298353152","https://openalex.org/I4210099336"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085002486","display_name":"Vinod Yegneswaran","orcid":"https://orcid.org/0000-0003-0718-6605"},"institutions":[{"id":"https://openalex.org/I1298353152","display_name":"SRI International","ror":"https://ror.org/05s570m15","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I1298353152"]},{"id":"https://openalex.org/I4210099336","display_name":"Menlo School","ror":"https://ror.org/01240pn49","country_code":"US","type":"education","lineage":["https://openalex.org/I4210099336"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vinod Yegneswaran","raw_affiliation_strings":["SRI International, Menlo Park, CA, USA"],"affiliations":[{"raw_affiliation_string":"SRI International, Menlo Park, CA, USA","institution_ids":["https://openalex.org/I1298353152","https://openalex.org/I4210099336"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084473174","display_name":"Seungwon Shin","orcid":"https://orcid.org/0000-0002-1077-5606"},"institutions":[{"id":"https://openalex.org/I157485424","display_name":"Korea Advanced Institute of Science and Technology","ror":"https://ror.org/05apxxy63","country_code":"KR","type":"education","lineage":["https://openalex.org/I157485424"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Seungwon Shin","raw_affiliation_strings":["School of Electrical Engineering, KAIST, Daejeon, South Korea"],"affiliations":[{"raw_affiliation_string":"School of Electrical Engineering, KAIST, Daejeon, South Korea","institution_ids":["https://openalex.org/I157485424"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5042262858"],"corresponding_institution_ids":["https://openalex.org/I89015989"],"apc_list":null,"apc_paid":null,"fwci":6.6965,"has_fulltext":false,"cited_by_count":24,"citation_normalized_percentile":{"value":0.96890739,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"31","issue":"2","first_page":"934","last_page":"947"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7239948511123657},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.693717360496521},{"id":"https://openalex.org/keywords/notation","display_name":"Notation","score":0.4800925552845001},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.44235512614250183},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4361395537853241},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3611759543418884},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3340705335140228},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.2044050097465515},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.18911859393119812},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.08837848901748657}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7239948511123657},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.693717360496521},{"id":"https://openalex.org/C45357846","wikidata":"https://www.wikidata.org/wiki/Q2001982","display_name":"Notation","level":2,"score":0.4800925552845001},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.44235512614250183},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4361395537853241},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3611759543418884},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3340705335140228},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.2044050097465515},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.18911859393119812},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.08837848901748657},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tnet.2022.3206781","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tnet.2022.3206781","pdf_url":null,"source":{"id":"https://openalex.org/S62238642","display_name":"IEEE/ACM Transactions on Networking","issn_l":"1063-6692","issn":["1063-6692","1558-2566"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE/ACM Transactions on Networking","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.47999998927116394,"display_name":"Industry, innovation and infrastructure"}],"awards":[{"id":"https://openalex.org/G8500136025","display_name":null,"funder_award_id":"2022R1C1C1006093","funder_id":"https://openalex.org/F4320322120","funder_display_name":"National Research Foundation of Korea"}],"funders":[{"id":"https://openalex.org/F4320322120","display_name":"National Research Foundation of Korea","ror":"https://ror.org/013aysd81"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W1805474074","https://openalex.org/W2056198910","https://openalex.org/W2133467782","https://openalex.org/W2182584490","https://openalex.org/W2465005408","https://openalex.org/W2513765047","https://openalex.org/W2550874390","https://openalex.org/W2588479842","https://openalex.org/W2598200822","https://openalex.org/W2605904959","https://openalex.org/W2621197600","https://openalex.org/W2753365392","https://openalex.org/W2761578098","https://openalex.org/W2809251391","https://openalex.org/W2901693060","https://openalex.org/W2903038868","https://openalex.org/W3089573742","https://openalex.org/W6637096788","https://openalex.org/W6638282704","https://openalex.org/W6730426483","https://openalex.org/W6742301121","https://openalex.org/W6754288653","https://openalex.org/W6759743156","https://openalex.org/W6784834832"],"related_works":["https://openalex.org/W96612179","https://openalex.org/W2770234245","https://openalex.org/W2987774938","https://openalex.org/W2566006169","https://openalex.org/W4256492088","https://openalex.org/W632915154","https://openalex.org/W4229499248","https://openalex.org/W4378874356","https://openalex.org/W2055733372","https://openalex.org/W2369811061"],"abstract_inverted_index":{"While":[0],"the":[1,16,19,53,135,178],"use":[2],"of":[3,18,21],"containerization":[4],"technologies":[5],"for":[6,39,125,189],"virtual":[7],"application":[8,90],"deployment":[9],"has":[10,24],"grown":[11],"at":[12],"an":[13,155],"astonishing":[14],"rate,":[15],"question":[17],"robustness":[20],"container":[22,46,89,95,174,191],"networking":[23,36,159],"not":[25],"been":[26],"well":[27],"scrutinized":[28],"from":[29,48],"a":[30,49,64,79,98,149],"security":[31,50,81,113,118,127,150],"perspective,":[32,51],"even":[33],"though":[34],"inter-container":[35,66,158],"is":[37],"indispensable":[38],"microservices.":[40],"Thus,":[41],"this":[42],"paper":[43],"first":[44],"analyzes":[45],"networks":[47,175],"discussing":[52],"implications":[54],"based":[55],"on":[56],"their":[57],"architectural":[58],"limitations.":[59],"Then,":[60],"it":[61],"presents":[62],"Bastion+,":[63],"secure":[65],"communication":[67],"bridge.":[68],"Bastion+":[69,101,139,166],"introduces":[70],"(":[71,104,141],"<inline-formula":[72,105,142],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[73,106,143],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">":[74,107,144],"<tex-math":[75,108,145],"notation=\"LaTeX\">$i$":[76],"</tex-math></inline-formula>":[77,110,147],")":[78,111,148],"network":[80,137],"enforcement":[82],"stack":[83],"that":[84,153],"provides":[85],"fine-grained":[86],"control":[87],"per":[88],"and":[91,187],"securely":[92],"isolates":[93],"inter-":[94],"traffic":[96],"in":[97,173],"point-to-point":[99],"manner.":[100],"also":[102],"supports":[103],"notation=\"LaTeX\">$ii$":[109],"selective":[112],"function":[114],"chaining,":[115],"enabling":[116],"various":[117],"functions":[119],"to":[120,134,182],"be":[121],"chained":[122],"between":[123],"containers":[124,186],"further":[126],"inspections":[128],"(e.g.,":[129],"deep":[130],"packet":[131],"inspection)":[132],"according":[133],"container\u2019s":[136],"context.":[138],"incorporates":[140],"notation=\"LaTeX\">$iii$":[146],"policy":[151],"assistant":[152],"helps":[154],"administrator":[156],"discover":[157],"dependencies":[160],"correctly.":[161],"Our":[162],"evaluation":[163],"demonstrates":[164],"how":[165],"can":[167],"effectively":[168],"mitigate":[169],"several":[170],"adversarial":[171],"attacks":[172],"while":[176],"improving":[177],"overall":[179],"performance":[180],"up":[181],"25.4%":[183],"within":[184],"single-host":[185],"17.7%":[188],"cross-host":[190],"communications.":[192]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-01T17:29:45.350535","created_date":"2025-10-10T00:00:00"}