Contextfuse: Advanced Container Security with Contextual ‎Intelligence

  • Authors

    • Pranav Bhandari Sharda School of Engineering and Technology, Department of Computer Science & Engineering, Uttar Pradesh, Noida, India
    • Sonia Setia School of Computer Science Engineering, Galgotias University, Greater Noida
    • Krishan Kumar Sharda School of Engineering and Technology, Department of Computer Science & Engineering, Uttar Pradesh, Noida, India
    • Seema Shukla Sharda School of Engineering and Technology, Department of Computer Science & Engineering, Uttar Pradesh, Noida, India
    • Kunchanapaalli Rama Krishna Department of CSIT, K L Deemed to be University, Vaddeswaram, Andhra Pradesh, India
    • Dharm Raj Sharda School of Engineering and Technology, Department of Computer Science & Engineering, Uttar Pradesh, Noida, India
    https://doi.org/10.14419/df46s727

    Received date: July 3, 2025

    Accepted date: August 3, 2025

    Published date: August 11, 2025

  • Adaptive Learning; Behavioral Analysis; Container Security; Contextual Intelligence; Security Integration

  • Abstract

    Container security became a particularly key problem with the widespread use of containerized architecture in organizations. Current ap-‎approaches typically focus on isolated security dimensions, creating gaps in detection and leading to both false positives and false negatives. ‎This paper introduces ContextFuse, an integrated container security system that combines vulnerability assessment, behavioral analysis, and ‎contextual intelligence to provide comprehensive security evaluation. ContextFuse implements a novel weighted consensus algorithm for ‎vulnerability assessment, applies transfer learning for behavioral analysis, and uses a graph-based approach for modeling security relationships, while incorporating an adaptive learning framework that continuously improves based on feedback. Our evaluation using a dataset of ‎‎1,000 containers demonstrates significant improvements over existing security tools, with 51.8% higher accuracy, 4.2% higher precision, ‎and 18.0% higher recall than baseline approaches. The system successfully identified 85% of simulated attacks with a false positive rate of ‎only 10%, and improved security assessment accuracy from 70% to 85% after processing just 10 feedback instances. ContextFuse effectively identifies complex security risks that would be missed by conventional tools while providing explainable security scores and actionable recommendations, demonstrating that an integrated, context-aware approach can significantly improve container security practices‎.

  • References

    1. Cloud Native Computing Foundation, "CNCF Survey 2021: Container Adoption," CNCF, 2021.
    2. M. Sultan, A. Miranskyy, and A. Emami-Taba, "Container Security: Issues, Challenges, and the Road Ahead," IEEE Access, vol. 7, pp. 52976-52996, 2019. https://doi.org/10.1109/ACCESS.2019.2911732.
    3. B. Kim, D. Choi, and J. Kim, "Evaluation of Docker Container Vulnerability Scanning Services," in Proc. Korea Inst. Inf. Secur. Cryptology Conf., 2019, pp. 431-435.
    4. H. Song, S. Zhang, and Q. Lin, "Runtime security monitoring for containerized applications," in Proc. IEEE Int. Conf. Cloud Comput., 2020, pp. 392-400.
    5. C. Song, H. Lin, S. Zhang, and Z. Guo, "Context-aware security model for emerging applications," in Proc. ACSAC, 2019, pp. 753-764.
    6. J. Singh, A. Anand, and V. Bajaj, "Transfer Learning and Adaptive Models in Security: A Survey," IEEE Trans. Artif. Intell., vol. 2, no. 5, pp. 402-421, 2021.
    7. C. Lin, D. Stockle, and W. Enck, "Supporting Security Assurance for Containerized Applications," in Proc. Int. Conf. Cloud Secur., 2020, pp. 45-56.
    8. S. Yamato, "Trivy: A Simple and Comprehensive Vulnerability Scanner for Containers," in Proc. Open-Source Summit, 2020.
    9. D. Li, L. Jin, and Y. Chen, "Accuracy Analysis of Container Vulnerability Assessment Tools," J. Inf. Secur. Appl., vol. 54, p. 102525, 2020.
    10. A. Eldjou, A. Matrawy, and T. Aboulnasr, "eBPF-based monitoring for container security: Tracee approach," in Proc. IEEE Int. Conf. Network Se-cur., 2021, pp. 148-159.
    11. X. Wang, B. Zhou, and Q. Li, "Unsupervised anomaly detection for container behavior using autoencoders," in Proc. IEEE Int. Conf. Big Data, 2020, pp. 2879-2888.
    12. J. Hauser, M. Li, and O. Schmidt, "Federated learning for container security monitoring: A distributed approach," in Proc. IEEE Int. Conf. Distrib. Comput. Syst., 2021, pp. 1423-1434.
    13. Docker Inc., "Docker Bench for Security," GitHub repository, 2020.
    14. Shopify Inc., "Kubeaudit: A tool to audit Kubernetes clusters for security concerns," GitHub repository, 2021.
    15. Z. Li, H. Zhang, and Y. Chen, "Graph-based security model for Kubernetes configurations," in Proc. IEEE Int. Conf. Cloud Secur., 2021, pp. 378-389.
    16. S. Mohammady, R. Niyazi, and B. Wang, "Statistical validation techniques for vulnerability assessment," J. Comput. Secur., vol. 48, pp. 102-117, 2020.
    17. Y. Zhang, L. Liu, and S. Wu, "A risk assessment framework for container vulnerabilities considering exploitability and context," IEEE Trans. De-pendable Secure Comput., vol. 18, no. 6, pp. 2846-2859, 2021.
    18. P. Tunde-Onadele, J. Tao, and F. A. Wen, "Multi-modal anomaly detection for container environments," in Proc. IEEE Int. Conf. Cloud Eng., 2020, pp. 179-190.
    19. Y. Shen, E. Chen, and X. Yang, "Applying transfer learning for malware detection: A study on model transferability," in Proc. IEEE Int. Conf. Se-cur. Priv. Commun. Netw., 2020, pp. 1-10.
    20. H. Zhang, L. Wei, and D. Jiang, "Domain adaptation approach for intrusion detection systems," in Proc. IEEE Int. Symp. Netw. Comput. Appl., 2020, pp. 1-8.
    21. Center for Internet Security, "CIS Docker Benchmark," CIS Benchmarks, 2020.
    22. T. Walters, T. Ghafoor, and A. Ekelhart, "Detection Approaches for Common Container Security Issues," in Proc. IEEE Int. Conf. Smart Comput., 2020, pp. 230-237.
    23. L. Xu, H. Li, and X. Wang, "Learning-based approach for container misconfigurations in orchestration platforms," in Proc. IEEE Int. Conf. Cloud Eng., 2021, pp. 193-204.
    24. D. Zhang, Z. Wu, and B. Li, "Formal verification of container isolation properties," IEEE Trans. Dependable Secure Comput., vol. 19, no. 3, pp. 1730-1744, 2022.
    25. W. Liu, J. Yan, X. Wei, H. Wang, and S. Zhu, "A lightweight container security framework adapted to the power cloud platform," in 2021 IEEE 4th International Electrical and Energy Conference (CIEEC), 2021. https://doi.org/10.1109/CIEEC50170.2021.9510589.
    26. S. Yilmaz, E. Aydogan, and S. Sen, "A transfer learning approach for securing resource-constrained IoT devices," IEEE Trans. Inf. Forensics Se-cur., vol. 16, pp. 4405--4418, 2021. https://doi.org/10.1109/TIFS.2021.3096029.
    27. R. Jolak et al., "CONSERVE: A framework for the selection of techniques for monitoring containers security," J. Syst. Softw., vol. 186, no. 111158, p. 111158, 2022. https://doi.org/10.1016/j.jss.2021.111158.
    28. R. Dwiantara, "Quantitative Risk Scoring and Vulnerability Management for Ensuring Compliance in Cloud-Based E-Retail Operations," Interna-tional Journal of Applied Business Intelligence, vol. 2, no. 12, pp. 14--22, 2022.
    29. Y. Yang, W. Shen, B. Ruan, W. Liu, and K. Ren, "Security challenges in the container cloud," in 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), 2021. https://doi.org/10.1109/TPSISA52974.2021.00016.
    30. Z. Zhong, M. Xu, M. A. Rodriguez, C. Xu, and R. Buyya, "Machine learning-based orchestration of containers: A taxonomy and future directions," ACM Comput. Surv., vol. 54, no. 10s, pp. 1--35, 2022. https://doi.org/10.1145/3510415.
    31. S. Timonen, M. Sroor, R. Mohanani, and T. Mikkonen, "Anomaly detection through container testing: A survey of company practices," in Interna-tional Conference on Product-Focused Software Process Improvement, Cham; Nature Switzerland: Springer, 2023, pp. 363--378. https://doi.org/10.1007/978-3-031-49266-2_25.
    32. Q. Zhang, J. Ma, X. Zhang, and Y. Liu, "Container security assessment and reinforcement technology integrating big data and intelligent algo-rithms," in 2024 3rd International Conference on Data Analytics, Computing and Artificial Intelligence (ICDACAI), 2024, pp. 622--626. https://doi.org/10.1109/ICDACAI65086.2024.00119.
    33. M. Imdoukh, I. Ahmad, and M. G. Alfailakawi, "Machine learning-based auto-scaling for containerized applications," Neural Comput. Appl., vol. 32, no. 13, pp. 9745--9760, 2020. https://doi.org/10.1007/s00521-019-04507-z.
    34. A. D. Neal, R. G. Sharpe, P. P. Conway, and A. A. West, "smaRTI--A cyber-physical intelligent container for industry 4.0 manufacturing," J. Man-uf. Syst., vol. 52, pp. 63--75, 2019. https://doi.org/10.1016/j.jmsy.2019.04.011.
    35. M. B. Anley, A. Genovese, D. Agostinello, and V. Piuri, "Robust DDoS attack detection with adaptive transfer learning," Comput. Secur., vol. 144, no. 103962, p. 103962, 2024. https://doi.org/10.1016/j.cose.2024.103962.
    36. L. Yang et al., "CADE: Detecting and explaining concept drift samples for security applications," in 30th USENIX Security Symposium (USENIX Security 21), 2021, pp. 2327--2344.
    37. N. C. Mendonca, P. Jamshidi, D. Garlan, and C. Pahl, "Developing self-adaptive microservice systems: Challenges and directions," IEEE Softw., vol. 38, no. 2, pp. 70--79, 2021. https://doi.org/10.1109/MS.2019.2955937.
    38. M. Kaloudis, "Evolving Software Architectures from Monolithic Systems to Resilient Microservices: Best Practices, Challenges and Future Trends," International Journal of Advanced Computer Science & Applications, no. 9, 2024. https://doi.org/10.14569/IJACSA.2024.0150901.
    39. C. K. Rath, A. K. Mandal, and A. Sarkar, "Dynamic provisioning of devices in microservices-based IoT applications using context-aware rein-forcement learning," Innov. Syst. Softw. Eng., 2024. https://doi.org/10.1007/s11334-024-00579-w.
    40. C.-H. Hsieh, F. Xu, D. Kong, Q. Yang, and Y. Ma, "CSQF-BA: Efficient container query technology for cloud security query framework with bat algorithm," in Lecture Notes in Computer Science, Singapore: Springer Nature Singapore, 2024, pp. 97--109. https://doi.org/10.1007/978-981-97-5606-3_9.
    41. K. Mehta, R. Singh, and T. Banerjee, “KubeSec++: Real-time Runtime Anomaly Detection for Kubernetes Clusters Using LSTM-Autoencoders,” IEEE Transactions on Dependable and Secure Computing, vol. 22, no. 1, pp. 175–189, 2024.
    42. M. Oliva, D. C. Yuen, and H. Tak, “SecChain: Blockchain-Based Supply Chain Provenance for Containerized Workloads,” Future Generation Computer Systems, vol. 146, pp. 43–57, 2024.
    43. A. S. Rana, L. Fan, and J. Gorton, “Policy-Driven Admission Control in Kubernetes for Mitigating Image Injection Attacks,” ACM Transactions on Privacy and Security, vol. 27, no. 2, Article 14, 2023.
    44. R. Yamazaki and F. Enomoto, “KubeGraphShield: Graph Neural Networks for Kubernetes Security Context Modeling,” Computers & Security, vol. 129, p. 103236, 2024.

  • Downloads

  • How to Cite

    Bhandari, P., Setia, S. . ., Kumar , K. ., Shukla , S. ., Krishna , K. R. ., & Raj, D. . (2025). Contextfuse: Advanced Container Security with Contextual ‎Intelligence. International Journal of Basic and Applied Sciences, 14(4), 288-296. https://doi.org/10.14419/df46s727