Skip to content

kube-security/container-obfuscation-benchmark

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
app
app
 
 
images
images
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
benchmark.png
benchmark.png
 
 
dockerfiles_obfuscation.py
dockerfiles_obfuscation.py
 
 
main.py
main.py
 
 

Repository files navigation

Container obfuscation benchmark

This repository contains a dataset of container obfuscation techniques applied to the base python:3.10 container.
The goal of this benchmark is to evaluate the impact of various obfuscation methods on container security and vulnerability analysis.

Run

python main.py

This command generates the corresponding Dockerfiles, with increasing obfuscation.

The current latest version of the obfuscated dataset is available here.

Tests

The following table compares the detection capabilities of various tools across different obfuscation techniques. V and P mean vulnerabilities and packages respectively. If an obfuscation (or multiple) technique reduces the amount of vulnerabiligies or packages detected then it is marked in ❌. Alternatively ✅ indicates that the tool is resilient to the technique.

The ORCA tool can be found here.

Benchmark Results

About

Container obfuscation benchmark

Topics

benchmark obfuscation container-image

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

8 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages