Seminar: KASLR in the age of MicroVMs
Assistant Professor, Virginia Tech
Friday, October 15, 2021
2:30pm - 3:45pm
2150 Torgersen Hall
Emerging cloud computing models like serverless are driving the development of virtualization architectures that are both lightweight and well-isolated. In this talk, I will highlight the key to fast VM boot times (removing guest self-bootstrapping code) but also the hidden dangers of losing security features when doing so. Specifically, I will show how kernel address space layout randomization (KASLR) has been inadvertently discarded for the sake of fast boot in AWS Firecracker and how a novel approach of in-monitor randomization can provide this feature without the overheads of self-bootstrapping.
Dan Williams recently joined Virginia Tech as an Assistant Professor after 10 years as a Research Staff Member at IBM Research. His research interests center around operating systems and virtualization, usually in a cloud security context. He is best known for his work on unikernels as the original author of Solo5 and a co-creator of IBM Nabla Containers.