TY - GEN
T1 - KvmSec: A security extension for Linux kernel virtual machines
AU - Lombardi, Flavio
AU - Di Pietro, Roberto
N1 - Generated from Scopus record by KAUST IRTS on 2023-09-20
PY - 2009/12/1
Y1 - 2009/12/1
N2 - Virtualization is increasingly being used in regular desktop PCs, data centers and server farms. One of the advantages of introducing this additional architectural layer is to increase overall system security. In this paper we propose an architecture (KvmSec) that is an extension to the Linux Kernel Virtual Machine aimed at increasing the security of guest virtual machines. KvmSec can protect guest virtual machines against attacks such as viruses and kernel rootkits. KvmSec enjoys the following features: it is transparent to guest machines; it is hard to access even from a compromised virtual machine; it can collect data, analyze them, and act consequently on guest machines; it can provide secure communication between each of the guests and the host; and, it can be deployed on Linux hosts and at present supports Linux guest machines. These features are leveraged to implement a real-time monitoring and security management system. Further, differences and advantages over previous solutions are highlighted, as well as a concrete roadmap for further development. Copyright 2009 ACM.
AB - Virtualization is increasingly being used in regular desktop PCs, data centers and server farms. One of the advantages of introducing this additional architectural layer is to increase overall system security. In this paper we propose an architecture (KvmSec) that is an extension to the Linux Kernel Virtual Machine aimed at increasing the security of guest virtual machines. KvmSec can protect guest virtual machines against attacks such as viruses and kernel rootkits. KvmSec enjoys the following features: it is transparent to guest machines; it is hard to access even from a compromised virtual machine; it can collect data, analyze them, and act consequently on guest machines; it can provide secure communication between each of the guests and the host; and, it can be deployed on Linux hosts and at present supports Linux guest machines. These features are leveraged to implement a real-time monitoring and security management system. Further, differences and advantages over previous solutions are highlighted, as well as a concrete roadmap for further development. Copyright 2009 ACM.
UR - https://dl.acm.org/doi/10.1145/1529282.1529733
UR - http://www.scopus.com/inward/record.url?scp=72949120122&partnerID=8YFLogxK
U2 - 10.1145/1529282.1529733
DO - 10.1145/1529282.1529733
M3 - Conference contribution
SN - 9781605581668
SP - 2029
EP - 2034
BT - Proceedings of the ACM Symposium on Applied Computing
ER -