Latest Issue
Design Of Buck Converter For Low Power Application A Comparative Study For Selecting The Semiconductor Devices
Published: April 30,2026Determination of Mechanical Properties of Cambodian Sandstone using the Brazilian Test and the Semi Circular Bending Test
Published: April 30,2026Quality Evaluation of Cambodian Rice Seeds Under Organic Tillage and Green Manure Production Systems
Published: April 30,2026Assessing the Impact of Motorcycle Emissions on Urban Air Quality: A Case Study at the Institute of Technology of Cambodia
Published: April 30,2026Characterization of Antimicrobial Resistance Profiles and Extended-Spectrum Beta-Lactamase Resistance Genes in Salmonella Isolates from Different Food Matrices in Cambodia
Published: April 30,2026Impact of rice agro-system on aroma accumulation of Phka Rumdoul rice variety in Cambodia
Published: April 30,2026Evaluation of The Susceptibility of Rice Germplasms In Cambodia To The Rice Root-Knot Nematode, Meloidogyne Graminicola
Published: April 30,2026Correlation Between Dynamic Cone Penetrometer (DCP) and California Bearing Ratio (CBR) for Subgrade Soil Material in Cambodia
Published: April 30,2026Effect of Storage Conditions on the Stability of Rice Fragrance and Protein Content in Phka Rumdoul Rice Variety
Published: April 30,2026Assessment of Hydraulic Transport of Pesticides at the Watershed: Case study Tonle Sap and Mekong River
Published: April 30,2026Enhancing the Accuracy and Reliability of Docker Image Vulnerability Scanning Technology
-
1. Department of Information and Communication Engineering, Institute of Technology of Cambodia, Russian Federation Blvd., P.O. Box 86, Phnom Penh, Cambodia
Academic Editor:
Received: July 17,2023 / Revised: / Accepted: September 23,2023 / Available online: June 30,2024
With the growth of usage of Docker containers in the recent year, Vulnerability scanning is essential to scanning and detecting known flaws and vulnerabilities in that specific Docker image. Using a custom docker image with third-party libraries in our code base authenticity or knowing their flaws can cause a lot of trouble in the future. In this case, vulnerability scanning tools such as Clair, Trivy, Anchor Grype, and Snyk are used for detecting the known vulnerability of the used Docker image and its included library but one Docker image can show different results depending on which tools we use due to the different scanning techniques and different vulnerability databases with different information (CVE, NVD, RedHat) that they use. In this research, We will be focusing on building an architectural framework that improves the accuracy, and reliability of the vulnerability scanning tools with a local vulnerability database that we built using a commonly used method such as static analysis which scans by reading package name and version searching, matching known suspicious pattern or signature using a binary database. Another method of scanning is a binary analysis which includes spotting unknown suspicious properties with a predefined algorithm. Using a confusion matrix, we evaluate the vulnerability scanning tool with docker images using the ground truth vulnerabilities stored in our local vulnerability database which is enriched with vulnerability information that is improved each time a new image is scanned.