An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository
The number of exploits of Docker images involving the injection of adversarial behaviors into the image’s layers is increasing immensely. Docker images are a fundamental component of Docker. Therefore, developing a machine learning classifier that effectively predicts and classifies wheth...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2024-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10768874/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1846123615571935232 |
|---|---|
| author | Maram Aldiabat Qussai M. Yaseen Qusai Abu Ein |
| author_facet | Maram Aldiabat Qussai M. Yaseen Qusai Abu Ein |
| author_sort | Maram Aldiabat |
| collection | DOAJ |
| description | The number of exploits of Docker images involving the injection of adversarial behaviors into the image’s layers is increasing immensely. Docker images are a fundamental component of Docker. Therefore, developing a machine learning classifier that effectively predicts and classifies whether a Docker image contains injected malicious behaviors is crucial as a proactive approach. This paper proposes a machine learning model to assess the feasibility of employing machine learning algorithms for detecting the security status of Docker images available in the Docker Hub repository. The paper develops a machine learning model for detecting malicious Docker images by using a newly created dataset containing Docker images associated with 14 corresponding features that were specifically chosen as they are critical indicators of potential security risks in Docker images, and the dataset was published for research purposes. Moreover, the paper developed and tested several machine learning algorithms using Docker image features: Naïve Bayes, Decision Tree, Random Forest, Gradient Boosting, Extreme Gradient Boosting, and Neural Network. The results show that the Random Forest classifier demonstrates exceptional accuracy, achieving a 99% F1-score and an AUC of 100%. This performance refers to its capability to accurately classify the images and effectively distinguish between secure and insecure images, in addition to the minimal error rate of less than 1%, outperforming state-of-the-art models to identify malicious Docker images. |
| format | Article |
| id | doaj-art-2be9e1ca7011433bb9cb16d1f4ee47c2 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2024-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-2be9e1ca7011433bb9cb16d1f4ee47c22024-12-14T00:01:28ZengIEEEIEEE Access2169-35362024-01-011218558618560410.1109/ACCESS.2024.350666310768874An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub RepositoryMaram Aldiabat0https://orcid.org/0009-0004-0706-0038Qussai M. Yaseen1https://orcid.org/0000-0003-0777-1871Qusai Abu Ein2Department of Computer Science and Software Engineering, Auburn University, Auburn, AL, USADepartment of Information Technology, AIRC Center, Ajman University, Ajman, United Arab EmiratesDepartment of Computer Information Systems, Jordan University of Science and Technology, Irbid, JordanThe number of exploits of Docker images involving the injection of adversarial behaviors into the image’s layers is increasing immensely. Docker images are a fundamental component of Docker. Therefore, developing a machine learning classifier that effectively predicts and classifies whether a Docker image contains injected malicious behaviors is crucial as a proactive approach. This paper proposes a machine learning model to assess the feasibility of employing machine learning algorithms for detecting the security status of Docker images available in the Docker Hub repository. The paper develops a machine learning model for detecting malicious Docker images by using a newly created dataset containing Docker images associated with 14 corresponding features that were specifically chosen as they are critical indicators of potential security risks in Docker images, and the dataset was published for research purposes. Moreover, the paper developed and tested several machine learning algorithms using Docker image features: Naïve Bayes, Decision Tree, Random Forest, Gradient Boosting, Extreme Gradient Boosting, and Neural Network. The results show that the Random Forest classifier demonstrates exceptional accuracy, achieving a 99% F1-score and an AUC of 100%. This performance refers to its capability to accurately classify the images and effectively distinguish between secure and insecure images, in addition to the minimal error rate of less than 1%, outperforming state-of-the-art models to identify malicious Docker images.https://ieeexplore.ieee.org/document/10768874/DockerDocker imagesDocker containersmachine learningmalware detection |
| spellingShingle | Maram Aldiabat Qussai M. Yaseen Qusai Abu Ein An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository IEEE Access Docker Docker images Docker containers machine learning malware detection |
| title | An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository |
| title_full | An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository |
| title_fullStr | An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository |
| title_full_unstemmed | An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository |
| title_short | An Efficient Random Forest Classifier for Detecting Malicious Docker Images in Docker Hub Repository |
| title_sort | efficient random forest classifier for detecting malicious docker images in docker hub repository |
| topic | Docker Docker images Docker containers machine learning malware detection |
| url | https://ieeexplore.ieee.org/document/10768874/ |
| work_keys_str_mv | AT maramaldiabat anefficientrandomforestclassifierfordetectingmaliciousdockerimagesindockerhubrepository AT qussaimyaseen anefficientrandomforestclassifierfordetectingmaliciousdockerimagesindockerhubrepository AT qusaiabuein anefficientrandomforestclassifierfordetectingmaliciousdockerimagesindockerhubrepository AT maramaldiabat efficientrandomforestclassifierfordetectingmaliciousdockerimagesindockerhubrepository AT qussaimyaseen efficientrandomforestclassifierfordetectingmaliciousdockerimagesindockerhubrepository AT qusaiabuein efficientrandomforestclassifierfordetectingmaliciousdockerimagesindockerhubrepository |