A hybrid security scanner for Docker containers using static analysis (Trivy) and runtime anomaly detection (Machine Learning/TensorFlow).

NKG-S/Docker-Security-Toolkit

🔒 Docker Security Toolkit - Complete Setup & Usage Guide

📋 Prerequisites

  • Operating System: Fedora, Debian, or Ubuntu Linux
  • Python: 3.10 - 3.12 (Note: Python 3.14 is NOT supported by TensorFlow yet. The setup script will attempt to use Python 3.11).
  • Docker: Docker Engine or Docker Desktop (Linux).
  • Internet Connection: Required for downloading dependencies.

🚀 Quick Start (Automated Setup)

Step 1: Clone or Navigate to Project Directory

cd ~/Downloads/docker_security_toolkit

Step 2: Make Scripts Executable

chmod +x setup.sh quick_start.sh

Step 3: Run Automated Setup

This script handles OS detection, creates a Python 3.11 virtual environment, and builds test containers.

./setup.sh

⚠️ IMPORTANT:

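  1. If the script adds you to the docker group, you MUST log out and log back in for the new group membership to take effect. Note that membership in the docker group is root-equivalent on the host.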
  2. If you are on Fedora with Docker Desktop, the script might fail to enable the systemd service. This is normal and can be ignored as long as Docker Desktop is running.

Step 4: Verify Installation

# Activate virtual environment
source venv/bin/activate

# Check Python packages (updated to include web server)
python3 -c "import tensorflow, sklearn, pandas, docker, flask, waitress; print('All modules loaded!')"

🤖 Training Machine Learning Models

Before scanning, you must train the models to recognize "normal" container behavior.

source venv/bin/activate
python3 src/train_model.py

Expected Output:

...
PART 1: TRAINING STATIC RISK CLASSIFIER
PART 2: TRAINING RUNTIME ANOMALY DETECTOR
✅ TRAINING COMPLETE - ALL MODELS READY


🌐 Running the Web Interface

The easiest way to use the tool is via the Quick Launcher.

./quick_start.sh

Select Option 1 to start the dashboard.

Access the interface: Open browser → http://localhost:5000


💻 Command Line Usage

You can use the scanner directly from the terminal.

1. Basic Scan (Auto-detect)

Scans an image and attempts to find a running container using that image.

source venv/bin/activate
python3 src/main_scanner.py alpine:latest

2. Scan Specific Test Containers

The setup.sh script created three specific test containers for you. You can scan them to test the anomaly detection:

Scan the CPU-Stress Container:

python3 src/main_scanner.py cpu_test:latest --container container_cpu

Scan the Network-Activity Container:

python3 src/main_scanner.py network_test:latest --container container_network

3. Static Analysis Only (No Container Needed)

If you only want to check vulnerabilities (CVEs) without running the container:

python3 src/main_scanner.py ubuntu:22.04 --skip-runtime

📁 Project Structure

docker_security_toolkit/
|
├── config
│   └── config.py
├── data
│   ├── dataset.csv
│   ├── dataset_test.csv
│   ├── runtime_data.csv
│   ├── runtime_data_test.csv
│   └── training_metrics.json
├── Makefile
├── models
├── quick_start.sh
├── README.md
├── reports
├── requirements.txt
├── SETUP_INSTRUCTIONS.md
├── setup.sh
├── src
│   ├── data_collector.py
│   ├── main_scanner.py
│   ├── runtime_analyzer.py
│   ├── static_analyzer.py
│   ├── train_model.py
│   └── utils.py
├── static
│   └── script.js
├── templates
│   └── index.html
├── tests
│   ├── cpu_container
│   │   ├── cpu_task.py
│   │   └── Dockerfile
│   ├── extra_package_container
│   │   ├── basic_task.py
│   │   └── Dockerfile
│   └── network_container
│       ├── Dockerfile
│       └── fetch_api.py
└── web_app.py


🛠️ Troubleshooting

Issue: "Docker Connection Error" / "FileNotFoundError"

Cause: Python cannot find the Docker socket.

Fix:

  1. Ensure Docker Desktop is running.
  2. Check config/config.py for the auto-detect code.
  3. Run ls -l ~/.docker/desktop/docker.sock to confirm the socket exists.
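
The socket check from the steps above can also be scripted. The following is an added example, not the project's config/config.py: the function names, the candidate order, the /var/run/docker.sock default path and the refusal of a world-writable socket are assumptions of this sketch.

```python
import os
import stat
from pathlib import Path


def candidate_sockets(env=None, home=None):
    """Socket paths to try, in priority order (the order is an assumption)."""
    env = os.environ if env is None else env
    home = Path(home) if home else Path.home()
    paths = []
    host = env.get("DOCKER_HOST", "")
    if host.startswith("unix://"):
        paths.append(Path(host[len("unix://"):]))
    paths.append(Path("/var/run/docker.sock"))           # Docker Engine default
    paths.append(home / ".docker/desktop/docker.sock")   # Docker Desktop on Linux
    return paths


def inspect_socket(path):
    """Return (usable, reason) for one candidate path."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return False, "missing"
    except PermissionError:
        return False, "permission denied"
    if not stat.S_ISSOCK(st.st_mode):
        return False, "not a socket"
    if st.st_mode & stat.S_IWOTH:
        # Any local user could drive the daemon, i.e. root on the host.
        return False, "world-writable"
    if not os.access(path, os.R_OK | os.W_OK):
        return False, "no read/write access"
    return True, "ok"


def find_docker_socket(candidates=None):
    """Return (unix:// URL or None, per-path diagnostics)."""
    if candidates is None:
        candidates = candidate_sockets()
    results = [(str(p), *inspect_socket(p)) for p in candidates]
    for path, usable, _reason in results:
        if usable:
            return f"unix://{path}", results
    return None, results


if __name__ == "__main__":
    url, results = find_docker_socket()
    print(url, results)
```

Exporting the returned URL as DOCKER_HOST lets docker.from_env() in the Python SDK connect to that socket; the per-path reasons show why each other candidate was rejected.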

Issue: "TensorFlow not found" or "No matching distribution"

Cause: You are likely using Python 3.14, which is too new.

Fix:

  1. Delete the venv folder: rm -rf venv
  2. Run ./setup.sh again (it will force Python 3.11).
