Leadership Hijacking in Docker Swarm and Its Consequences
Open Access
- 19 July 2021
- Vol. 23 (7), 914
- https://doi.org/10.3390/e23070914
Abstract
With the advent of microservice-based software architectures, an increasing number of modern cloud environments and enterprises use operating system level virtualization, which is often referred to as container infrastructures. Docker Swarm is one of the most popular container orchestration infrastructures, providing high availability and fault tolerance. Occasionally, discovered container escape vulnerabilities allow adversaries to execute code on the host operating system and operate within the cloud infrastructure. We show that Docker Swarm is currently not secured against misbehaving manager nodes. This allows a high impact, high probability privilege escalation attack, which we refer to as leadership hijacking, the possibility of which is neglected by the current cloud security literature. Cloud lateral movement and defense evasion payloads allow an adversary to leverage the Docker Swarm functionality to control each and every host in the underlying cluster. We demonstrate an end-to-end attack, in which an adversary with access to an application running on the cluster achieves full control of the cluster. To reduce the probability of a successful high impact attack, container orchestration infrastructures must reduce the trust level of participating nodes and, in particular, incorporate adversary immune leader election algorithms.This publication has 10 references indexed in Scilit:
- On the robustness of consensus-based behaviors for robot swarmsSwarm Intelligence, 2020
- Cloud Computing Security Threats and Attacks with Their Mitigation TechniquesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- To Docker or Not to Docker: A Security PerspectiveIEEE Cloud Computing, 2016
- Last-Level Cache Side-Channel Attacks are PracticalPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- State Machine Replication for the Masses with BFT-SMARTPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- Performance Evaluation of Container-Based Virtualization for High Performance Computing EnvironmentsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- Efficient Byzantine Fault-ToleranceIEEE Transactions on Computers, 2011
- The Impact of Flooding Attacks on Network-based ServicesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- Practical byzantine fault tolerance and proactive recoveryACM Transactions on Computer Systems, 2002
- The part-time parliamentACM Transactions on Computer Systems, 1998