KvmSec

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

KvmSec: a security extension for Linux kernel virtual machines

Full text

Pdf (840 KB)

Source

Symposium on Applied Computing archive
Proceedings of the 2009 ACM symposium on Applied Computing table of contents

Honolulu, Hawaii

SESSION: Computer security track table of contents

Pages 2029-2034

Year of Publication: 2009

ISBN:978-1-60558-166-8

Authors

Flavio Lombardi	Consiglio Nazionale delle Ricerche, Ufficio Sistemi Informativi, Rome, Italy
Roberto Di Pietro	Universitat Rovira i Virgili, Tarragona, Spain

Sponsor

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 35, Downloads (12 Months): 157, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1529282.1529733 What is a DOI?

ABSTRACT

Virtualization is increasingly being used in regular desktop PCs, data centers and server farms. One of the advantages of introducing this additional architectural layer is to increase overall system security.

In this paper we propose an architecture (KvmSec) that is an extension to the Linux Kernel Virtual Machine aimed at increasing the security of guest virtual machines. KvmSec can protect guest virtual machines against attacks such as viruses and kernel rootkits. KvmSec enjoys the following features: it is transparent to guest machines; it is hard to access even from a compromised virtual machine; it can collect data, analyze them, and act consequently on guest machines; it can provide secure communication between each of the guests and the host; and, it can be deployed on Linux hosts and at present supports Linux guest machines. These features are leveraged to implement a real-time monitoring and security management system. Further, differences and advantages over previous solutions are highlighted, as well as a concrete roadmap for further development.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Advanced intrusion detection environment. http://sourceforge.net/projects/aide, 2005.
	2	Sgi inc. lkcd - Linux kernel crash dump. http://lkcd.sf.net, April 2006.
	3	Mark Aiken , Manuel Fähndrich , Chris Hawblitzel , Galen Hunt , James Larus, Deconstructing process isolation, Proceedings of the 2006 workshop on Memory system performance and correctness, October 22-22, 2006, San Jose, California [doi>10.1145/1178597.1178599]
	4	Paul Barham , Boris Dragovic , Keir Fraser , Steven Hand , Tim Harris , Alex Ho , Rolf Neugebauer , Ian Pratt , Andrew Warfield, Xen and the art of virtualization, ACM SIGOPS Operating Systems Review, v.37 n.5, December 2003
	5	Fabrice Bellard, QEMU, a fast and portable dynamic translator, Proceedings of the annual conference on USENIX Annual Technical Conference, p.41-41, April 10-15, 2005, Anaheim, CA
	6	R. Di Pietro and L. V. Mancini. Intrusion Detection Systems, volume 38 of Advances in Information Security. Springer-Verlag, 2008.
	7	Trent Jaeger , Reiner Sailer , Yogesh Sreenivasan, Managing the risk of covert information flows in virtual machine systems, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France [doi>10.1145/1266840.1266853]
	8	Peter A. Loscocco , Perry W. Wilson , J. Aaron Pendergrass , C. Durward McDonell, Linux kernel integrity measurement using contextual inspection, Proceedings of the 2007 ACM workshop on Scalable trusted computing, November 02-02, 2007, Alexandria, Virginia, USA [doi>10.1145/1314354.1314362]
	9	Bryan D. Payne , Martim Carbone , Monirul Sharif , Wenke Lee, Lares: An Architecture for Secure Active Monitoring Using Virtualization, Proceedings of the 2008 IEEE Symposium on Security and Privacy, p.233-247, May 18-21, 2008 [doi>10.1109/SP.2008.24]
	10	Qumranet. Linux kernel virtual machine. http://kvm.qumranet.com.
	11	Nguyen Anh Quynh , Yoshiyasu Takefuji, A novel approach for a file-system integrity monitor tool of Xen virtual machine, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore [doi>10.1145/1229285.1229313]
	12	Nguyen Anh Quynh , Yoshiyasu Takefuji, Towards a tamper-resistant kernel rootkit detector, Proceedings of the 2007 ACM symposium on Applied computing, March 11-15, 2007, Seoul, Korea [doi>10.1145/1244002.1244070]
	13	Reiner Sailer , Xiaolan Zhang , Trent Jaeger , Leendert van Doorn, Design and implementation of a TCG-based integrity measurement architecture, Proceedings of the 13th conference on USENIX Security Symposium, p.16-16, August 09-13, 2004, San Diego, CA
	14	Arvind Seshadri , Mark Luk , Ning Qu , Adrian Perrig, SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes, Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, October 14-17, 2007, Stevenson, Washington, USA
	15	Francesco Tamberi , Dario Maggiari , Daniele Sgandurra , Fabrizio Baiardi, Semantics-Driven Introspection in a Virtual Environment, Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security, p.299-302, September 08-10, 2008 [doi>10.1109/IAS.2008.17]
	16	Jisoo Yang , Kang G. Shin, Using hypervisor to provide data secrecy for user applications on a per-page basis, Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 05-07, 2008, Seattle, WA, USA [doi>10.1145/1346256.1346267]