Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore Linux Virtualization Based Security (LVBS) in this 32-minute conference talk that examines hypervisor-backed kernel protection solutions. Learn how sophisticated kernel-level attackers can circumvent built-in Linux security mechanisms like control-register pinning, module authentication, and file authentication, and discover why hypervisor-level enforcement provides significantly stronger protection. Understand the LVBS architecture as a hypervisor-agnostic framework that enables different hypervisor types to enhance Linux kernel security while protecting critical system assets including passwords, keys, and essential kernel data structures. Examine the implementation of this common, extendable architecture that allows both type-1 hypervisors like Hyper-V and type-2 hypervisors like KVM to connect with a unified security layer. Delve into the current development status across three key areas: the evolution and current state of the hypervisor-agnostic common layer, the integration of Hyper-V's Virtual Secure Mode (VSM) with the common layer for enhanced kernel protection, and the application of this architecture within KVM environments.
