KvmSec: a security extension for Linux kernel virtual machines

Abstract

Virtualization is increasingly being used in regular desktop PCs, data centers and server farms. One of the advantages of introducing this additional architectural layer is to increase overall system security. In this paper we propose an architecture (<i>KvmSec</i>) that is an extension to the Linux Kernel Virtual Machine aimed at increasing the security of guest virtual machines. KvmSec can protect guest virtual machines against attacks such as viruses and kernel rootkits. KvmSec enjoys the following features: it is transparent to guest machines; it is hard to access even from a compromised virtual machine; it can collect data, analyze them, and act consequently on guest machines; it can provide secure communication between each of the guests and the host; and, it can be deployed on Linux hosts and at present supports Linux guest machines. These features are leveraged to implement a real-time monitoring and security management system. Further, differences and advantages over previous solutions are highlighted, as well as a concrete roadmap for further development.

DOI: 10.1145/1529282.1529733

Extracted Key Phrases

6 Figures and Tables

Statistics

0102020102011201220132014201520162017
Citations per Year

52 Citations

Semantic Scholar estimates that this publication has 52 citations based on the available data.

See our FAQ for additional information.

Cite this paper

@inproceedings{Lombardi2009KvmSecAS, title={KvmSec: a security extension for Linux kernel virtual machines}, author={Flavio Lombardi and Roberto Di Pietro}, booktitle={SAC}, year={2009} }