Container is a virtual machine technology sharing an operating system. In detail, a container engine may provide an isolated environment for each container so that each container seems to operate on an independent operating system but is capable of sharing bottom resources. Container technology has found wide application in recent years due to characteristics thereof such as a lightweight, a high extensibility and a high flexibility or the like.
With the popularity of the container technology, the frequency of attack or intrusion to the container from third parties is increasing gradually, and these behaviors rise various problems to the security of the container. For example, a third party may initiate the following attacking or intruding behaviors: attacking or intruding upon a host so as to control the operation of the container within the host; attacking or intruding upon a certain container and using the container as a springboard to control the operation of other containers or the host. Accordingly, an urgent need exists in the art to effectively detect the attack or intrusion to the container from the third party.