Adaptive File Integrity Monitoring for Container Virtualization Environments using OSSEC with Real-Time Alerting


Bibliographic Details
Published in: Journal of Applied Informatics and Computing, Volume 9; Issue 5; pp. 2764 - 2774
Main authors: Wowiling, Gerry; Sinambela, Eka Stephani; Simatupang, Frengki; Siagian, Fabert Jody Manuel; Sibarani, Aisyah Ayu; Batubara, Indah Sari
Format: Journal Article
Language: English
Published: Politeknik Negeri Batam, 18.10.2025
ISSN:2548-6861, 2548-6861
Description
Summary: In this ever-evolving digital age, container technology has become one of the main solutions in cloud computing due to its efficiency and flexibility. However, the dynamic and ephemeral nature of containers poses new challenges in terms of security, especially regarding data integrity. The implementation of OSSEC in container environments requires a tailored approach, as it lacks native support for automatically detecting new containers. Agents must be embedded within container images or installed at the host level. These agents activate each time a container runs and send monitoring data to the OSSEC server. With orchestration and automated configuration, monitoring results are stored externally, and real-time email alerts can be triggered upon detecting suspicious file changes. Container environments are increasingly targeted by cyber threats such as malware and ransomware, which pose risks of unauthorized data access or encryption. Limited file integrity monitoring within containers creates a security gap that can be exploited undetected. This research addresses the issue by implementing a File Integrity Monitoring (FIM) mechanism using OSSEC, an open-source Host Intrusion Detection System (HIDS) capable of real-time file and log monitoring, malware detection, and automated threat response. OSSEC is deployed within a Docker-based setup and integrated with a Web User Interface for visualizing logs and monitoring activity. The system includes real-time email notifications for immediate alerts. Testing through file modification scenarios confirmed OSSEC’s accuracy in detecting changes and notifying administrators. This implementation effectively strengthens data security and provides timely threat detection in containerized environments.
DOI:10.30871/jaic.v9i5.10006