Virginia Tech®home

Seminar: KASLR in the age of MicroVMs

Dan Williams

Assistant Professor, Virginia Tech

Friday, October 15, 2021
2:30pm - 3:45pm
2150 Torgersen Hall


Emerging cloud computing models like serverless are driving the development of virtualization architectures that are both lightweight and well-isolated.  In this talk, I will highlight the key to fast VM boot times---removing guest self-bootstrapping code---but also the hidden dangers of losing security features when doing so.  Specifically, I will show how kernel address space layout randomization (KASLR) has been inadvertently discarded for the sake of fast boot in AWS Firecracker and how a novel approach of in-monitor randomization can provide this feature without the overheads of self-bootstrapping.


Dan Williams recently joined Virginia Tech as an Assistant Professor after 10 years as a Research Staff Member at IBM Research.  His research interests center around operating systems and virtualization usually in a cloud security context.  He is best known for his work on unikernels as the original author of Solo5 and a co-creator of IBM Nabla Containers.