Cloud-Native Sandboxes for Microservices: Understanding New Threats and Attacks

Presented at Black Hat Europe 2018, Dec. 6, 2018, 4 p.m. (25 minutes)

<span>Sandboxing is a proven technique for detecting malware and targeted attacks. In practice, sandboxes inspect network traffic and identify the suspicious behaviors. However, the emergence of new forms of malware and exploits targeting microservices pose challenges for traditional sandboxing solutions in cloud-native environments.</span><br><br><span>Contemporary sandboxes fail to support container-based environments. To address these challenges, we redesigned the sandboxing system by adopting the new emerging container techniques. We will also demonstrate how our sandbox improves the performance of detecting miscroservice-oriented attacks. Additionally, in this talk we will discuss how to extend our sandbox to benefit existing security </span><span>products in order to achieve better accuracy.</span>

Presenters:

  • Zhaoyan Xu - Principle Security Researcher, Palo Alto Networks
    Zhaoyan Xu is a Principle Security Researcher at Palo Alto Networks, CA, United States. He earned his PhD degree from Texas A&M University, College Station in 2014. His research interests include web security, malware analysis, detection, and system security.
  • Tongbo Luo - Chief AI Security Scientist, JD.com
    Tongbo Luo is a Chief AI Security Scientist at JD.com and was most recently Senior Principal Security Researcher at Palo Alto Networks. He obtained his MS and PhD in computer science from Syracuse University in 2014. He is active on docker security, cyber security, IoT security, and applied machine learning for security problems.

Links:

Similar Presentations: