KvmSec: A security extension for Linux kernel virtual machines

Flavio Lombardi, Roberto Di Pietro

Research output: Chapter in Book/Report/Conference proceedingConference contribution

31 Scopus citations

Abstract

Virtualization is increasingly being used in regular desktop PCs, data centers and server farms. One of the advantages of introducing this additional architectural layer is to increase overall system security. In this paper we propose an architecture (KvmSec) that is an extension to the Linux Kernel Virtual Machine aimed at increasing the security of guest virtual machines. KvmSec can protect guest virtual machines against attacks such as viruses and kernel rootkits. KvmSec enjoys the following features: it is transparent to guest machines; it is hard to access even from a compromised virtual machine; it can collect data, analyze them, and act consequently on guest machines; it can provide secure communication between each of the guests and the host; and, it can be deployed on Linux hosts and at present supports Linux guest machines. These features are leveraged to implement a real-time monitoring and security management system. Further, differences and advantages over previous solutions are highlighted, as well as a concrete roadmap for further development. Copyright 2009 ACM.
Original languageEnglish (US)
Title of host publicationProceedings of the ACM Symposium on Applied Computing
Pages2029-2034
Number of pages6
DOIs
StatePublished - Dec 1 2009
Externally publishedYes

Bibliographical note

Generated from Scopus record by KAUST IRTS on 2023-09-20

Fingerprint

Dive into the research topics of 'KvmSec: A security extension for Linux kernel virtual machines'. Together they form a unique fingerprint.

Cite this