Security Analysis of Docker Containers for ARM Architecture

Containers provide a better performance, faster deployment than virtual machines and provide near-native performance, with isolation and security drawbacks. Although the security of containers for the Intel architecture has been investigated in more detail, there is limited work on the security of containers for the ARM architecture. In this paper, we address this gap in research and focus on the security of containers designed for the ARM architecture, which is heavily used in IoT devices. Edge computing offers many advantages, including reduced latency and resource requirements at the cloud because data can be processed at the edge before it is sent to the cloud. Using containers at the edge nodes of IoT-Edge-Cloud systems can enhance such advantages at the cost of increasing security vulnerabilities in such systems. Therefore, it is essential to investigate the security of containers designed for the ARM architecture. Accordingly, we obtained official ARM images from DockerHub and used various security tools to scan these ARM images. We found that 72% of all the vulnerabilities show varying severity levels and each tool seems to work best for particular base images. We investigated how each tool detects sub-packages and achieves a different hit ratio while none of them alone can detect at least 80% of all the vulnerabilities. In addition, we also investigated how the Docker images and their vulnerability landscape change over a period of six months by running the scanning tools twice. Finally, we also conducted a dynamic analysis of some of the images on the Raspberry Pi and study their effects. We believe this paper will facilitate the use of ARM containers at the ARM-based edge nodes by addressing security issues.