Mitigating DDoS attacks in containerized environments: A comparative analysis of Docker and Kubernetes

Containerization has become the primary method for deploying applications, with web services being the most prevalent. However, exposing server IP addresses to external connections renders containerized services vulnerable to DDoS attacks, which can deplete server resources and hinder legitimate use...

Full description

Saved in:
Bibliographic Details
Published inJournal of parallel and distributed computing Vol. 204; p. 105130
Main Authors Chuang, Yung-Ting, Tu, Chih-Han
Format Journal Article
LanguageEnglish
Published Elsevier Inc 01.10.2025
Subjects
Containerization
DDoS attacks and defenses
Docker
Kubernetes
Web services security
Web services security
DDoS attacks and defenses
Containerization
Docker
Kubernetes
Online AccessGet full text

Cover

Abstract Containerization has become the primary method for deploying applications, with web services being the most prevalent. However, exposing server IP addresses to external connections renders containerized services vulnerable to DDoS attacks, which can deplete server resources and hinder legitimate user access. To address this issue, we implement twelve different mitigation strategies, test them across three common types of web services, and conduct experiments on both Docker and Kubernetes deployment platforms. Furthermore, this study introduces a cross-platform, orchestration-aware evaluation framework that simulates realistic multi-service workloads and analyzes defense strategy performance under varying concurrency conditions. Experimental results indicate that Docker excels in managing white-listed traffic and delaying attacker responses, while Kubernetes achieves low completion times, minimum response times, and low failure rates by processing all requests simultaneously. Based on these findings, we provide actionable insights for selecting appropriate mitigation strategies tailored to different orchestration environments and workload patterns, offering practical guidance for securing containerized deployments against low-rate DDoS threats. Our work not only provides empirical performance evaluations but also reveals deployment-specific trade-offs, offering strategic recommendations for building resilient cloud-native infrastructures. •Twelve mitigation strategies were evaluated across Docker and Kubernetes platforms.•Experiments applied realistic multi-service workloads and varying concurrency levels.•Platform-aware insights reveal orchestration trade-offs affecting mitigation outcomes.•Offers practical deployment guidance for DDoS resilience in containerized systems.
AbstractList Containerization has become the primary method for deploying applications, with web services being the most prevalent. However, exposing server IP addresses to external connections renders containerized services vulnerable to DDoS attacks, which can deplete server resources and hinder legitimate user access. To address this issue, we implement twelve different mitigation strategies, test them across three common types of web services, and conduct experiments on both Docker and Kubernetes deployment platforms. Furthermore, this study introduces a cross-platform, orchestration-aware evaluation framework that simulates realistic multi-service workloads and analyzes defense strategy performance under varying concurrency conditions. Experimental results indicate that Docker excels in managing white-listed traffic and delaying attacker responses, while Kubernetes achieves low completion times, minimum response times, and low failure rates by processing all requests simultaneously. Based on these findings, we provide actionable insights for selecting appropriate mitigation strategies tailored to different orchestration environments and workload patterns, offering practical guidance for securing containerized deployments against low-rate DDoS threats. Our work not only provides empirical performance evaluations but also reveals deployment-specific trade-offs, offering strategic recommendations for building resilient cloud-native infrastructures. •Twelve mitigation strategies were evaluated across Docker and Kubernetes platforms.•Experiments applied realistic multi-service workloads and varying concurrency levels.•Platform-aware insights reveal orchestration trade-offs affecting mitigation outcomes.•Offers practical deployment guidance for DDoS resilience in containerized systems.
ArticleNumber 105130
Author Tu, Chih-Han
Chuang, Yung-Ting
Author_xml – sequence: 1
  givenname: Yung-Ting
  orcidid: 0000-0002-5164-9171
  surname: Chuang
  fullname: Chuang, Yung-Ting
  email: ytchuang@nycu.edu.tw
– sequence: 2
  givenname: Chih-Han
  surname: Tu
  fullname: Tu, Chih-Han
BookMark eNp9kM1OAjEUhbvAREBfwFVfYLA_doYaNwQUjRgX6rrptLekA7SkrST49A7BtaubnJvv5OQboUGIARC6oWRCCa1vu0m3t2bCCBN9ICgnAzQkzR2vGk7FJRrl3BFCqWimQ-TefPFrXXxY48UifmBdijabjH3AJoaifYDkf8BiCAefYthBKPkez_rvbq9TTx4A66C3x-wzjg4votlA6iOLX79bSAEK5Ct04fQ2w_XfHaOvp8fP-XO1el--zGeryjDBS2WlbhopiRRWOGpr00rZCiJq4hiThNu25VrKmkNN2LRxnBlphDGcTUHquuVjxM69JsWcEzi1T36n01FRok52VKdOdtTJjjrb6aGHMwT9soOHpLLxEAxYn8AUZaP_D_8Ft41y1A
Cites_doi 10.1109/TPDS.2019.2942591
10.1109/ACCESS.2019.2945930
10.1109/TIFS.2011.2107320
10.1109/SURV.2013.031413.00127
10.1109/ACCESS.2020.2976609
10.1109/TSE.2022.3229221
10.1145/3485537
10.3390/s21051910
10.1109/ACCESS.2024.3501192
10.1016/j.compind.2019.01.006
10.1109/OJIES.2021.3055901
10.1109/TPDS.2018.2794369
10.22214/ijraset.2022.44106
10.1016/j.jnca.2018.07.003
10.1016/j.procs.2020.04.152
10.1145/2723872.2723882
ContentType Journal Article
Copyright 2025 Elsevier Inc.
Copyright_xml – notice: 2025 Elsevier Inc.
DBID AAYXX
CITATION
DOI 10.1016/j.jpdc.2025.105130
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
ExternalDocumentID 10_1016_j_jpdc_2025_105130
S0743731525000978
GroupedDBID --K
--M
-~X
.~1
0R~
1B1
1~.
1~5
29L
4.4
457
4G.
5GY
5VS
7-5
71M
8P~
9JN
AAEDT
AAEDW
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAQXK
AATTM
AAXKI
AAXUO
AAYFN
AAYWO
ABBOA
ABDPE
ABEFU
ABFNM
ABFSI
ABJNI
ABMAC
ABWVN
ABXDB
ACDAQ
ACGFS
ACNNM
ACRLP
ACRPL
ACVFH
ACZNC
ADBBV
ADCNI
ADEZE
ADFGL
ADHUB
ADJOM
ADMUD
ADNMO
ADTZH
ADVLN
AEBSH
AECPX
AEIPS
AEKER
AENEX
AEUPX
AFJKZ
AFPUW
AFTJW
AFXIZ
AGCQF
AGHFR
AGQPQ
AGRNS
AGUBO
AGYEJ
AHHHB
AHJVU
AHZHX
AIALX
AIEXJ
AIGII
AIIUN
AIKHN
AITUG
AKBMS
AKRWK
AKYEP
ALMA_UNASSIGNED_HOLDINGS
AMRAJ
ANKPU
AOUOD
APXCP
ASPBG
AVWKF
AXJTR
AZFZN
BJAXD
BKOJK
BLXMC
BNPGV
CAG
COF
CS3
DM4
DU5
E.L
EBS
EFBJH
EFKBS
EJD
EO8
EO9
EP2
EP3
F5P
FDB
FEDTE
FGOYB
FIRID
FNPLU
FYGXN
G-2
G-Q
GBLVA
GBOLZ
HLZ
HVGLF
HZ~
H~9
IHE
J1W
JJJVA
K-O
KOM
LG5
LG9
LY7
M41
MO0
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
Q38
R2-
RIG
ROL
RPZ
SBC
SDF
SDG
SDP
SES
SET
SEW
SPC
SPCBC
SST
SSV
SSZ
T5K
TN5
TWZ
WUQ
XJT
XOL
XPP
ZMT
ZU3
ZY4
~G-
AAYXX
CITATION
SSH
ID FETCH-LOGICAL-c253t-d9a7799095d5f1d6cb99b50560f22903dbb3a9963e60287f32c9c5cc328e9a6b3
IEDL.DBID .~1
ISSN 0743-7315
IngestDate Wed Jul 16 16:43:53 EDT 2025
Sat Aug 09 17:30:59 EDT 2025
IsPeerReviewed true
IsScholarly true
Keywords Web services security
DDoS attacks and defenses
Containerization
Docker
Kubernetes
Language English
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c253t-d9a7799095d5f1d6cb99b50560f22903dbb3a9963e60287f32c9c5cc328e9a6b3
ORCID 0000-0002-5164-9171
ParticipantIDs crossref_primary_10_1016_j_jpdc_2025_105130
elsevier_sciencedirect_doi_10_1016_j_jpdc_2025_105130
PublicationCentury 2000
PublicationDate October 2025
2025-10-00
PublicationDateYYYYMMDD 2025-10-01
PublicationDate_xml – month: 10
  year: 2025
  text: October 2025
PublicationDecade 2020
PublicationTitle Journal of parallel and distributed computing
PublicationYear 2025
Publisher Elsevier Inc
Publisher_xml – name: Elsevier Inc
References Zhijun, Wenjing, Liang, Meng (br0270) 2020; 8
Shah, Dubaria (br0430) 2019
Kan (br0380) 2016
Wan, Guan, Wang, Bai, Choi (br0360) 2018; 119
Chelladhurai, Chelliah, Kumar (br0400) 2016
Zhao, Wang, Liu, Wang, Zhang, Zheng (br0340) 2018; 29
Watada, Roy, Kadikar, Pham, Xu (br0020) 2019; 7
Merkel (br0070) 2014; 239
Gamess, Parajuli (br0250) 2024
Mondal, Pan, Kabir, Tian, Dai (br0090) 2022
Shamim (br0480) 2021
Nocentino, Weissman, Nocentino, Weissman (br0500) 2021
Johansson, Rågberger, Nolte, Papadopoulos (br0130) 2022
Varghese, Subba, Thai, Barker (br0350) 2016
Hardikar, Ahirwar, Rajan (br0150) 2021
Xiang, Li, Zhou (br0280) 2011; 6
Vayghan, Saied, Toeroe, Khendek (br0120) 2019
Tripathi (br0220) 2024
Somani, Chaudhary (br0330) 2009
Jazayeri (br0160) 2007
Lau, Rubin, Smith, Trajkovic (br0190) 2000; vol. 3
Khatami, Purwanto, Ruriawan (br0140) 2020
Poniszewska-Marańda, Czechowska (br0110) 2021; 21
Bachiega, Souza, Bruschi, De Souza (br0030) 2018
Patidar, Somani (br0260) 2021; 59
Fan, Wang (br0520) 2015
Li, Jin, Zou, Yuan (br0290) 2019; 31
Dewi, Noertjahyana, Palit, Yedutun (br0100) 2019
Garcia (br0240) 2024
Zhou, Zhou, Hoppe (br0310) 2022; 49
Nardelli, Hochreiner, Schulte (br0320) 2017
Huang, Cui, Wen, Huang (br0390) 2019
Zargar, Joshi, Tipper (br0180) 2013; 15
David, Barr (br0490) 2021
Dautov, Song (br0420) 2020; vol. 1
Boettiger (br0050) 2015; 49
Mallikarjunan, Muthupriya, Shalinie (br0200) 2016
Liu, Lan, Pang, Karlsson, Gong (br0300) 2021; 2
Potdar, Narayan, Kengond, Mulla (br0080) 2020; 171
Jaafar, Abdullah, Ismail (br0210) 2019
Koksal, Catak, Dalveren (br0230) 2024
Huang, Wu, Jiang, Jin (br0060) 2019
Gokhale, Turcotte, Tip (br0530) 2021; 5
Nath, Dhar, Basishtha (br0170) 2014
Medel, Rana, Bañares, Arronategui (br0450) 2016
Sinde, Thakkalapally, Ramidi, Veeramalla (br0540) 2022; 10
Vayghan, Saied, Toeroe, Khendek (br0440) 2018
Chen, Guan, Liang, Vernon, McPherson, Lo, Chen, Ahrens (br0040) 2017
Bose, Rahman, Shamim (br0460) 2021
S. Pothuganti, M. Samanth, Comparative analysis of load balancing in cloud platforms for an online bookstore web application using apache benchmark, 2023.
T. Borangiu, D. Trentesaux, A. Thomas, P. Leitão, J. Barata, Digital transformation of manufacturing through cloud services and resource virtualization, 2019.
Chung, Quang-Hung, Nguyen, Thoai (br0370) 2016
Wenhao, Zheng (br0410) 2020
D'Silva, Ambawade (br0470) 2021
Zhijun (10.1016/j.jpdc.2025.105130_br0270) 2020; 8
Lau (10.1016/j.jpdc.2025.105130_br0190) 2000; vol. 3
Mallikarjunan (10.1016/j.jpdc.2025.105130_br0200) 2016
Zhou (10.1016/j.jpdc.2025.105130_br0310) 2022; 49
Patidar (10.1016/j.jpdc.2025.105130_br0260) 2021; 59
David (10.1016/j.jpdc.2025.105130_br0490)
Watada (10.1016/j.jpdc.2025.105130_br0020) 2019; 7
Poniszewska-Marańda (10.1016/j.jpdc.2025.105130_br0110) 2021; 21
Nocentino (10.1016/j.jpdc.2025.105130_br0500) 2021
Nath (10.1016/j.jpdc.2025.105130_br0170) 2014
Potdar (10.1016/j.jpdc.2025.105130_br0080) 2020; 171
Zargar (10.1016/j.jpdc.2025.105130_br0180) 2013; 15
Tripathi (10.1016/j.jpdc.2025.105130_br0220) 2024
Gamess (10.1016/j.jpdc.2025.105130_br0250) 2024
Shamim (10.1016/j.jpdc.2025.105130_br0480) 2021
Merkel (10.1016/j.jpdc.2025.105130_br0070) 2014; 239
Fan (10.1016/j.jpdc.2025.105130_br0520) 2015
Shah (10.1016/j.jpdc.2025.105130_br0430) 2019
D'Silva (10.1016/j.jpdc.2025.105130_br0470) 2021
Hardikar (10.1016/j.jpdc.2025.105130_br0150) 2021
Sinde (10.1016/j.jpdc.2025.105130_br0540) 2022; 10
Xiang (10.1016/j.jpdc.2025.105130_br0280) 2011; 6
Huang (10.1016/j.jpdc.2025.105130_br0390) 2019
Medel (10.1016/j.jpdc.2025.105130_br0450) 2016
Chelladhurai (10.1016/j.jpdc.2025.105130_br0400) 2016
Somani (10.1016/j.jpdc.2025.105130_br0330) 2009
Chen (10.1016/j.jpdc.2025.105130_br0040)
Vayghan (10.1016/j.jpdc.2025.105130_br0440) 2018
10.1016/j.jpdc.2025.105130_br0010
Mondal (10.1016/j.jpdc.2025.105130_br0090) 2022
Huang (10.1016/j.jpdc.2025.105130_br0060) 2019
Jaafar (10.1016/j.jpdc.2025.105130_br0210) 2019
Zhao (10.1016/j.jpdc.2025.105130_br0340) 2018; 29
Varghese (10.1016/j.jpdc.2025.105130_br0350) 2016
Kan (10.1016/j.jpdc.2025.105130_br0380) 2016
Johansson (10.1016/j.jpdc.2025.105130_br0130) 2022
Bachiega (10.1016/j.jpdc.2025.105130_br0030) 2018
Li (10.1016/j.jpdc.2025.105130_br0290) 2019; 31
Koksal (10.1016/j.jpdc.2025.105130_br0230) 2024
Vayghan (10.1016/j.jpdc.2025.105130_br0120) 2019
Liu (10.1016/j.jpdc.2025.105130_br0300) 2021; 2
Wan (10.1016/j.jpdc.2025.105130_br0360) 2018; 119
Dewi (10.1016/j.jpdc.2025.105130_br0100) 2019
Jazayeri (10.1016/j.jpdc.2025.105130_br0160) 2007
Boettiger (10.1016/j.jpdc.2025.105130_br0050) 2015; 49
Khatami (10.1016/j.jpdc.2025.105130_br0140) 2020
Garcia (10.1016/j.jpdc.2025.105130_br0240) 2024
Chung (10.1016/j.jpdc.2025.105130_br0370) 2016
Dautov (10.1016/j.jpdc.2025.105130_br0420) 2020; vol. 1
10.1016/j.jpdc.2025.105130_br0510
Nardelli (10.1016/j.jpdc.2025.105130_br0320) 2017
Gokhale (10.1016/j.jpdc.2025.105130_br0530) 2021; 5
Wenhao (10.1016/j.jpdc.2025.105130_br0410) 2020
Bose (10.1016/j.jpdc.2025.105130_br0460) 2021
References_xml – start-page: 37
  year: 2015
  end-page: 42
  ident: br0520
  article-title: Performance comparison of web servers with different architectures: a case study using high concurrency workload
  publication-title: 2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb)
– year: 2024
  ident: br0230
  article-title: Flexible and lightweight mitigation framework for distributed denial-of-service attacks in container-based edge networks using Kubernetes
  publication-title: IEEE Access
– start-page: 1
  year: 2022
  end-page: 51
  ident: br0090
  article-title: Kubernetes in it administration and serverless computing: an empirical study and research challenges
  publication-title: J. Supercomput.
– start-page: 74
  year: 2020
  end-page: 78
  ident: br0140
  article-title: High availability storage server with Kubernetes
  publication-title: 2020 International Conference on Information Technology Systems and Innovation (ICITSI)
– volume: 59
  year: 2021
  ident: br0260
  article-title: Serving while attacked: ddos attack effect minimization using page separation and container allocation strategy
  publication-title: J. Inf. Secur. Appl.
– year: 2021
  ident: br0490
  article-title: Kubernetes autoscaling: yoyo attack vulnerability and mitigation
– start-page: 2019
  year: 2019
  ident: br0210
  article-title: Review of recent detection methods for http ddos attack
  publication-title: J. Comput. Netw. Commun.
– year: 2017
  ident: br0040
  article-title: Docker-enabled build and execution environment (bee): an encapsulated environment enabling hpc applications running everywhere
– start-page: 138
  year: 2024
  end-page: 147
  ident: br0250
  article-title: Image-processing workloads and ddos attack resilience: evaluating Docker and podman containers on raspberry pi and odroid
  publication-title: Proceedings of the 2024 ACM Southeast Conference
– reference: S. Pothuganti, M. Samanth, Comparative analysis of load balancing in cloud platforms for an online bookstore web application using apache benchmark, 2023.
– volume: 2
  start-page: 153
  year: 2021
  end-page: 168
  ident: br0300
  article-title: Performance evaluation of containerization in edge-cloud computing stacks for industrial applications: a client perspective
  publication-title: IEEE Open J. Ind. Electron. Soc.
– start-page: 354
  year: 2020
  end-page: 357
  ident: br0410
  article-title: Vulnerability analysis and security research of Docker container
  publication-title: 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)
– start-page: 41
  year: 2009
  end-page: 48
  ident: br0330
  article-title: Application performance isolation in virtualization
  publication-title: 2009 IEEE International Conference on Cloud Computing
– year: 2024
  ident: br0240
  article-title: Real-time network simulations for ml/dl ddos detection using Docker
– start-page: 478
  year: 2016
  end-page: 483
  ident: br0380
  article-title: Docloud: an elastic cloud platform for web applications based on Docker
  publication-title: 2016 18th International Conference on Advanced Communication Technology (ICACT)
– volume: 5
  start-page: 1
  year: 2021
  end-page: 27
  ident: br0530
  article-title: Automatic migration from synchronous to asynchronous javascript apis
  publication-title: Proc. ACM Program. Lang.
– volume: vol. 1
  start-page: 263
  year: 2020
  end-page: 268
  ident: br0420
  article-title: Towards agile management of containerised software at the edge
  publication-title: 2020 IEEE Conference on Industrial Cyberphysical Systems (ICPS)
– start-page: 28
  year: 2019
  end-page: 37
  ident: br0060
  article-title: Fastbuild: accelerating Docker image building for efficient development and deployment of container
  publication-title: 2019 35th Symposium on Mass Storage Systems and Technologies (MSST)
– volume: 21
  start-page: 1910
  year: 2021
  ident: br0110
  article-title: Kubernetes cluster for automating software production environment
  publication-title: Sensors
– volume: 15
  start-page: 2046
  year: 2013
  end-page: 2069
  ident: br0180
  article-title: A survey of defense mechanisms against distributed denial of service (ddos) flooding attacks
  publication-title: IEEE Commun. Surv. Tutor.
– start-page: 856
  year: 2016
  end-page: 859
  ident: br0400
  article-title: Securing Docker containers from denial of service (dos) attacks
  publication-title: 2016 IEEE International Conference on Services Computing (SCC)
– volume: 6
  start-page: 426
  year: 2011
  end-page: 437
  ident: br0280
  article-title: Low-rate ddos attacks detection and traceback by using new information metrics
  publication-title: IEEE Trans. Inf. Forensics Secur.
– start-page: 199
  year: 2007
  end-page: 213
  ident: br0160
  article-title: Some trends in web application development
  publication-title: Future of Software Engineering (FOSE'07)
– start-page: 1689
  year: 2021
  end-page: 1690
  ident: br0480
  article-title: Mitigating security attacks in Kubernetes manifests for security best practices violation
  publication-title: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
– volume: 171
  start-page: 1419
  year: 2020
  end-page: 1428
  ident: br0080
  article-title: Performance evaluation of Docker container and virtual machine
  publication-title: Proc. Comput. Sci.
– volume: 29
  start-page: 1385
  year: 2018
  end-page: 1400
  ident: br0340
  article-title: Power-aware and performance-guaranteed virtual machine placement in the cloud
  publication-title: IEEE Trans. Parallel Distrib. Syst.
– start-page: 53
  year: 2021
  end-page: 70
  ident: br0500
  article-title: Kubernetes architecture
  publication-title: SQL Server on Kubernetes: Designing and Building a Modern Data Platform
– start-page: 1
  year: 2022
  end-page: 8
  ident: br0130
  article-title: Kubernetes orchestration of high availability distributed control systems
  publication-title: 2022 IEEE International Conference on Industrial Technology (ICIT)
– start-page: 970
  year: 2018
  end-page: 973
  ident: br0440
  article-title: Deploying microservice based applications with Kubernetes: experiments and lessons learned
  publication-title: 2018 IEEE 11th International Conference on Cloud Computing (CLOUD)
– start-page: 192
  year: 2016
  end-page: 201
  ident: br0350
  article-title: Container-based cloud virtual machine benchmarking
  publication-title: 2016 IEEE International Conference on Cloud Engineering (IC2E)
– start-page: 1
  year: 2016
  end-page: 6
  ident: br0200
  article-title: A survey of distributed denial of service attack
  publication-title: 2016 10th International Conference on Intelligent Systems and Control (ISCO)
– volume: 8
  start-page: 43920
  year: 2020
  end-page: 43943
  ident: br0270
  article-title: Low-rate dos attacks, detection, defense, and challenges: a survey
  publication-title: IEEE Access
– volume: 7
  start-page: 152443
  year: 2019
  end-page: 152472
  ident: br0020
  article-title: Emerging trends, techniques and open issues of containerization: a review
  publication-title: IEEE Access
– reference: T. Borangiu, D. Trentesaux, A. Thomas, P. Leitão, J. Barata, Digital transformation of manufacturing through cloud services and resource virtualization, 2019.
– volume: 49
  start-page: 71
  year: 2015
  end-page: 79
  ident: br0050
  article-title: An introduction to Docker for reproducible research
  publication-title: Oper. Syst. Rev.
– volume: 239
  start-page: 2
  year: 2014
  ident: br0070
  article-title: Docker: lightweight Linux containers for consistent development and deployment
  publication-title: Linux J.
– start-page: 86
  year: 2014
  end-page: 89
  ident: br0170
  article-title: Web 1.0 to web 3.0-evolution of the web and its various challenges
  publication-title: 2014 International Conference on Reliability Optimization and Information Technology (ICROIT)
– start-page: 1
  year: 2019
  end-page: 4
  ident: br0100
  article-title: Server scalability using Kubernetes
  publication-title: 2019 4th Technology Innovation Management and Engineering Science International Conference (TIMES-iCON)
– start-page: 398
  year: 2018
  end-page: 403
  ident: br0030
  article-title: Container-based performance evaluation: a survey and challenges
  publication-title: 2018 IEEE International Conference on Cloud Engineering (IC2E)
– start-page: 176
  year: 2019
  end-page: 185
  ident: br0120
  article-title: Microservice based architecture: towards high-availability for stateful applications with Kubernetes
  publication-title: 2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)
– start-page: 257
  year: 2016
  end-page: 262
  ident: br0450
  article-title: Modelling performance & resource management in Kubernetes
  publication-title: Proceedings of the 9th International Conference on Utility and Cloud Computing
– volume: 31
  start-page: 695
  year: 2019
  end-page: 706
  ident: br0290
  article-title: Exploring new opportunities to defeat low-rate ddos attack in container-based cloud environment
  publication-title: IEEE Trans. Parallel Distrib. Syst.
– volume: 119
  start-page: 97
  year: 2018
  end-page: 109
  ident: br0360
  article-title: Application deployment using microservice and Docker containers: framework and optimization
  publication-title: J. Netw. Comput. Appl.
– start-page: 9
  year: 2021
  end-page: 12
  ident: br0460
  article-title: ‘Under-reported’ security defects in Kubernetes manifests
  publication-title: 2021 IEEE/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS)
– start-page: 0184
  year: 2019
  end-page: 0189
  ident: br0430
  article-title: Building modern clouds: using Docker, Kubernetes & Google cloud platform
  publication-title: 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC)
– start-page: 1214
  year: 2019
  end-page: 1220
  ident: br0390
  article-title: Security analysis and threats detection techniques on Docker container
  publication-title: 2019 IEEE 5th International Conference on Computer and Communications (ICCC)
– start-page: 1
  year: 2021
  end-page: 8
  ident: br0470
  article-title: Building a zero trust architecture using Kubernetes
  publication-title: 2021 6th International Conference for Convergence in Technology (i2ct)
– start-page: 52
  year: 2016
  end-page: 57
  ident: br0370
  article-title: Using Docker in high performance computing applications
  publication-title: 2016 IEEE Sixth International Conference on Communications and Electronics (ICCE)
– start-page: 1996
  year: 2021
  end-page: 2003
  ident: br0150
  article-title: Containerization: cloud computing based inspiration technology for adoption through Docker and Kubernetes
  publication-title: 2021 Second International Conference on Electronics and Sustainable Communication Systems (ICESC)
– volume: vol. 3
  start-page: 2275
  year: 2000
  end-page: 2280
  ident: br0190
  article-title: Distributed denial of service attacks
  publication-title: Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics
– year: 2024
  ident: br0220
  article-title: Attacking and defending Kubernetes
– start-page: 5
  year: 2017
  end-page: 10
  ident: br0320
  article-title: Elastic provisioning of virtual machines for container deployment
  publication-title: Proceedings of the 8th ACM/SPEC on International Conference on Performance Engineering Companion
– volume: 49
  start-page: 2722
  year: 2022
  end-page: 2740
  ident: br0310
  article-title: Containerization for high performance computing systems: survey and prospects
  publication-title: IEEE Trans. Softw. Eng.
– volume: 10
  start-page: 1305
  year: 2022
  end-page: 1309
  ident: br0540
  article-title: Continuous integration and deployment automation in aws cloud infrastructure
  publication-title: Int. J. Res. Appl. Sci. Eng. Technol.
– volume: 31
  start-page: 695
  issue: 3
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0290
  article-title: Exploring new opportunities to defeat low-rate ddos attack in container-based cloud environment
  publication-title: IEEE Trans. Parallel Distrib. Syst.
  doi: 10.1109/TPDS.2019.2942591
– volume: vol. 1
  start-page: 263
  year: 2020
  ident: 10.1016/j.jpdc.2025.105130_br0420
  article-title: Towards agile management of containerised software at the edge
– start-page: 257
  year: 2016
  ident: 10.1016/j.jpdc.2025.105130_br0450
  article-title: Modelling performance & resource management in Kubernetes
– volume: 7
  start-page: 152443
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0020
  article-title: Emerging trends, techniques and open issues of containerization: a review
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2019.2945930
– start-page: 9
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0460
  article-title: ‘Under-reported’ security defects in Kubernetes manifests
– ident: 10.1016/j.jpdc.2025.105130_br0040
– ident: 10.1016/j.jpdc.2025.105130_br0510
– volume: 239
  start-page: 2
  issue: 2
  year: 2014
  ident: 10.1016/j.jpdc.2025.105130_br0070
  article-title: Docker: lightweight Linux containers for consistent development and deployment
  publication-title: Linux J.
– volume: vol. 3
  start-page: 2275
  year: 2000
  ident: 10.1016/j.jpdc.2025.105130_br0190
  article-title: Distributed denial of service attacks
– start-page: 856
  year: 2016
  ident: 10.1016/j.jpdc.2025.105130_br0400
  article-title: Securing Docker containers from denial of service (dos) attacks
– start-page: 478
  year: 2016
  ident: 10.1016/j.jpdc.2025.105130_br0380
  article-title: Docloud: an elastic cloud platform for web applications based on Docker
– volume: 6
  start-page: 426
  issue: 2
  year: 2011
  ident: 10.1016/j.jpdc.2025.105130_br0280
  article-title: Low-rate ddos attacks detection and traceback by using new information metrics
  publication-title: IEEE Trans. Inf. Forensics Secur.
  doi: 10.1109/TIFS.2011.2107320
– year: 2024
  ident: 10.1016/j.jpdc.2025.105130_br0240
– start-page: 354
  year: 2020
  ident: 10.1016/j.jpdc.2025.105130_br0410
  article-title: Vulnerability analysis and security research of Docker container
– start-page: 1
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0470
  article-title: Building a zero trust architecture using Kubernetes
– start-page: 53
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0500
  article-title: Kubernetes architecture
– volume: 15
  start-page: 2046
  issue: 4
  year: 2013
  ident: 10.1016/j.jpdc.2025.105130_br0180
  article-title: A survey of defense mechanisms against distributed denial of service (ddos) flooding attacks
  publication-title: IEEE Commun. Surv. Tutor.
  doi: 10.1109/SURV.2013.031413.00127
– start-page: 1
  year: 2016
  ident: 10.1016/j.jpdc.2025.105130_br0200
  article-title: A survey of distributed denial of service attack
– start-page: 1
  year: 2022
  ident: 10.1016/j.jpdc.2025.105130_br0130
  article-title: Kubernetes orchestration of high availability distributed control systems
– start-page: 1
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0100
  article-title: Server scalability using Kubernetes
– start-page: 176
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0120
  article-title: Microservice based architecture: towards high-availability for stateful applications with Kubernetes
– volume: 8
  start-page: 43920
  year: 2020
  ident: 10.1016/j.jpdc.2025.105130_br0270
  article-title: Low-rate dos attacks, detection, defense, and challenges: a survey
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2020.2976609
– start-page: 41
  year: 2009
  ident: 10.1016/j.jpdc.2025.105130_br0330
  article-title: Application performance isolation in virtualization
– start-page: 1996
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0150
  article-title: Containerization: cloud computing based inspiration technology for adoption through Docker and Kubernetes
– start-page: 52
  year: 2016
  ident: 10.1016/j.jpdc.2025.105130_br0370
  article-title: Using Docker in high performance computing applications
– start-page: 74
  year: 2020
  ident: 10.1016/j.jpdc.2025.105130_br0140
  article-title: High availability storage server with Kubernetes
– volume: 49
  start-page: 2722
  issue: 4
  year: 2022
  ident: 10.1016/j.jpdc.2025.105130_br0310
  article-title: Containerization for high performance computing systems: survey and prospects
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2022.3229221
– start-page: 1
  year: 2022
  ident: 10.1016/j.jpdc.2025.105130_br0090
  article-title: Kubernetes in it administration and serverless computing: an empirical study and research challenges
  publication-title: J. Supercomput.
– start-page: 192
  year: 2016
  ident: 10.1016/j.jpdc.2025.105130_br0350
  article-title: Container-based cloud virtual machine benchmarking
– volume: 5
  start-page: 1
  issue: OOPSLA
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0530
  article-title: Automatic migration from synchronous to asynchronous javascript apis
  publication-title: Proc. ACM Program. Lang.
  doi: 10.1145/3485537
– start-page: 1214
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0390
  article-title: Security analysis and threats detection techniques on Docker container
– volume: 21
  start-page: 1910
  issue: 5
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0110
  article-title: Kubernetes cluster for automating software production environment
  publication-title: Sensors
  doi: 10.3390/s21051910
– year: 2024
  ident: 10.1016/j.jpdc.2025.105130_br0220
– year: 2024
  ident: 10.1016/j.jpdc.2025.105130_br0230
  article-title: Flexible and lightweight mitigation framework for distributed denial-of-service attacks in container-based edge networks using Kubernetes
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2024.3501192
– start-page: 138
  year: 2024
  ident: 10.1016/j.jpdc.2025.105130_br0250
  article-title: Image-processing workloads and ddos attack resilience: evaluating Docker and podman containers on raspberry pi and odroid
– ident: 10.1016/j.jpdc.2025.105130_br0010
  doi: 10.1016/j.compind.2019.01.006
– volume: 2
  start-page: 153
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0300
  article-title: Performance evaluation of containerization in edge-cloud computing stacks for industrial applications: a client perspective
  publication-title: IEEE Open J. Ind. Electron. Soc.
  doi: 10.1109/OJIES.2021.3055901
– volume: 29
  start-page: 1385
  issue: 6
  year: 2018
  ident: 10.1016/j.jpdc.2025.105130_br0340
  article-title: Power-aware and performance-guaranteed virtual machine placement in the cloud
  publication-title: IEEE Trans. Parallel Distrib. Syst.
  doi: 10.1109/TPDS.2018.2794369
– ident: 10.1016/j.jpdc.2025.105130_br0490
– start-page: 199
  year: 2007
  ident: 10.1016/j.jpdc.2025.105130_br0160
  article-title: Some trends in web application development
– start-page: 5
  year: 2017
  ident: 10.1016/j.jpdc.2025.105130_br0320
  article-title: Elastic provisioning of virtual machines for container deployment
– start-page: 970
  year: 2018
  ident: 10.1016/j.jpdc.2025.105130_br0440
  article-title: Deploying microservice based applications with Kubernetes: experiments and lessons learned
– start-page: 0184
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0430
  article-title: Building modern clouds: using Docker, Kubernetes & Google cloud platform
– volume: 10
  start-page: 1305
  year: 2022
  ident: 10.1016/j.jpdc.2025.105130_br0540
  article-title: Continuous integration and deployment automation in aws cloud infrastructure
  publication-title: Int. J. Res. Appl. Sci. Eng. Technol.
  doi: 10.22214/ijraset.2022.44106
– start-page: 86
  year: 2014
  ident: 10.1016/j.jpdc.2025.105130_br0170
  article-title: Web 1.0 to web 3.0-evolution of the web and its various challenges
– volume: 119
  start-page: 97
  year: 2018
  ident: 10.1016/j.jpdc.2025.105130_br0360
  article-title: Application deployment using microservice and Docker containers: framework and optimization
  publication-title: J. Netw. Comput. Appl.
  doi: 10.1016/j.jnca.2018.07.003
– volume: 59
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0260
  article-title: Serving while attacked: ddos attack effect minimization using page separation and container allocation strategy
  publication-title: J. Inf. Secur. Appl.
– start-page: 398
  year: 2018
  ident: 10.1016/j.jpdc.2025.105130_br0030
  article-title: Container-based performance evaluation: a survey and challenges
– start-page: 28
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0060
  article-title: Fastbuild: accelerating Docker image building for efficient development and deployment of container
– start-page: 37
  year: 2015
  ident: 10.1016/j.jpdc.2025.105130_br0520
  article-title: Performance comparison of web servers with different architectures: a case study using high concurrency workload
– start-page: 1689
  year: 2021
  ident: 10.1016/j.jpdc.2025.105130_br0480
  article-title: Mitigating security attacks in Kubernetes manifests for security best practices violation
– start-page: 2019
  year: 2019
  ident: 10.1016/j.jpdc.2025.105130_br0210
  article-title: Review of recent detection methods for http ddos attack
  publication-title: J. Comput. Netw. Commun.
– volume: 171
  start-page: 1419
  year: 2020
  ident: 10.1016/j.jpdc.2025.105130_br0080
  article-title: Performance evaluation of Docker container and virtual machine
  publication-title: Proc. Comput. Sci.
  doi: 10.1016/j.procs.2020.04.152
– volume: 49
  start-page: 71
  issue: 1
  year: 2015
  ident: 10.1016/j.jpdc.2025.105130_br0050
  article-title: An introduction to Docker for reproducible research
  publication-title: Oper. Syst. Rev.
  doi: 10.1145/2723872.2723882
SSID ssj0011578
Score 2.4242122
Snippet Containerization has become the primary method for deploying applications, with web services being the most prevalent. However, exposing server IP addresses to...
SourceID crossref
elsevier
SourceType Index Database
Publisher
StartPage 105130
SubjectTerms Containerization
DDoS attacks and defenses
Docker
Kubernetes
Web services security
Title Mitigating DDoS attacks in containerized environments: A comparative analysis of Docker and Kubernetes
URI https://dx.doi.org/10.1016/j.jpdc.2025.105130
Volume 204
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV09T8MwELWqsrDwjSgflQc2FJrEcRyzVS1VoWqXUqlb5PgDpUhpVaULA78dX-NAkRADY6I4iV6cu7P13juEblnix4rFkSdjZhcoMlCeEKHxjOKaU66Yv1W5jifxcBY9z-m8gXq1FgZolS72VzF9G63dmY5Ds7PK884Ukh8j0L-nUiOAgj1iMMvvP75oHuAlk9RWnHC1E85UHK_FSoGNYUih3W0ATOjfktNOwhkcoQNXKeJu9TLHqKGLE3RYd2HA7qc8RWacVz4ZxSvu95dTLMoShPM4LzAQ0QXI-_J3rfCuqO0Bd7H8dv7GwpmT4KXBNvG82SeIQuHRJtPrAjZnz9Bs8PjSG3que4InQ0pKT3HBmM01nCpqAhXLjPMM6h3fgMc7UVlGhF3tEB3bGoMZEkouqZQkTDQXcUbOUbNYFvoCYW3sOsuXRNh7RJSphETE902ihVBhIoIWuqthS1eVSUZas8cWKYCcAshpBXIL0RrZ9MenTm0U_2Pc5T_HXaF9OKoYeNeoWa43-sZWEmXW3k6VNtrrPo2Gk094n8gy
linkProvider Elsevier
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV27TsMwFLVKGWDhjShPD2woNInjOGZDLVWhj6Wt1C1y_EApUlpV6cLAt-PbJFAkxMCaxEl0Et97bZ1zLkK3LHJDxcLAkSGzCxTpKUcI3zhGcc0pV8xdq1wHw7A7CV6mdFpDrUoLA7TKMvYXMX0drcsjzRLN5iJNmyNIfoxA_55CjbCFtgM7faGNwf3HF88DzGSiyosTLi-VMwXJa7ZQ4GPoU-h36wEV-rfstJFxOgdorywV8WPxNoeoprMjtF-1YcDlrDxGZpAWRhnZK2635yMs8hyU8zjNMDDRBej70net8Kaq7QE_Yvlt_Y1F6U6C5wbbzPNmnyAyhXurRC8z2J09QZPO07jVdcr2CY70KckdxQVjNtlwqqjxVCgTzhMoeFwDJu9EJQkRdrlDdGiLDGaIL7mkUhI_0lyECTlF9Wye6TOEtbELLVcSYe8RUKYiEhDXNZEWQvmR8BroroItXhQuGXFFH5vFAHIMIMcFyA1EK2TjH986tmH8j3Hn_xx3g3a640E_7j8PexdoF84UdLxLVM-XK31ly4o8uV7_Np9DO8nA
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Mitigating+DDoS+attacks+in+containerized+environments%3A+A+comparative+analysis+of+Docker+and+Kubernetes&rft.jtitle=Journal+of+parallel+and+distributed+computing&rft.au=Chuang%2C+Yung-Ting&rft.au=Tu%2C+Chih-Han&rft.date=2025-10-01&rft.issn=0743-7315&rft.volume=204&rft.spage=105130&rft_id=info:doi/10.1016%2Fj.jpdc.2025.105130&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_j_jpdc_2025_105130
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0743-7315&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0743-7315&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0743-7315&client=summon