Aixia Team - Containment Crew

Project owned by Aixia and part of Industrial Immersion Exchange program 2024

211d ago

In cooperation with Aixia, we are emulating adversarial container escape techniques in a secure environment. The project runs from late May to early August, with students spending time in Sweden and the United States.

The team:

Emily Blixt - BSc in Global Systems from Chalmers University of Technology, currently pursuing her MSc in Complex Adaptive Systems.

Roch Laferriere - BSc in Computer Science from Dakota State University (DSU), currently pursuing his MSc in Computer Science/AI.

Nicholas Gourley - BSc in Cyber Operations from DSU, currently pursuing his MSc in Cyber Defense.

Marcus Kicklighter - MSc in Engineering: Computer Security at BTH.

Måns Englund - Pursuing a Master of Science in Information and Communication Technology with an emphasis on Software Development from LTH.

Ensuring confidentiality, integrity, and availability of multi-tenant systems are vital for infrastructure as a service (IaaS) companies. This study analyzes practical attack vectors of a multi-tenant, high performance compute cluster. To achieve a nuanced and pragmatic threat model of the target system, a white box penetration test was performed. The goal was to audit the AiQu software provided by Aixia and discover vulnerabilites in the afformentioned software.

A comprehensive mapping of the system was done to gain a further understanding of the target software, its inner workings, and where potential weaknesses might exist. The system breakdown followed a top-down approach. Thereafter, a penetration test was conducted to systematically identify and assess potential security vulnerabilities in the AiQu software. The steps to find vulnerabilities once the system was mapped out were the following:

Automated security scanning tools
Enumeration of RESTAPI endpoints
Enumeration of Linux capabilities in deployed Docker containers
Fuzzing input fields and REST API fields
Manual web application testing
Manual code review
Read previous security assessments and try variations of previous vulnerabilities

The team will deliver a security assessment report.

Attributes

Resources

What is a container escape?

2024-06-17 09:51 Post Articles & Editorial Knowledgebase

What is container escape, and why is it so important to our project?

Imagine you have an app that you want to run on your computer. This app needs certain things to work, like specific versions of software or libraries. Usually, setting all this up can be tricky because your computer might not have the exact versions needed, or other apps might need different versions of the same software.

A container is like a small, portable box that has everything your app needs to run. This box includes:

Your app
All the software and libraries your app depends on
Configuration files and settings

An added benefit to containers is that they are isolated from the surrounding host system. This is very important for security when deploying containers for an end user as a service, because it prevents unauthorized access to sensitive data. If this isolation were to be breached, a user of the system could access information that should not be accessible to them, and abuse privileges that they should not have.

This type of exploit is known as a container escape. With the rise of microservices and containerization over the last decade, more and more systems are becoming potentially vulnerable to this type of attack. The implications vary from system to system, but it is common for user data and system details to be vulnerable in the event of a container escape.

Container escapes can happen as a result of a few different common vulnerabilities. The most common is a simple misconfiguration of the container, giving that container too many privileges which can be exploited by a malicious user. Other common vulnerabilities include kernel-based vulnerabilities, improper usage of namespaces, and vulnerable or malicious container images.