Description: The Linux kernel ships with many features which can be, and are, exploited by attackers. In this talk, we explore two different approaches to reduce the kernel attack surface. One at compile-time, whereby execution traces of the kernel are taken into account to automatically generate a tailored kernel configuration. Another at run-time, whereby traces are directly used at run-time to detect the use of unnecessary functions by a subset of applications. Prior to that, we will give a precise definition of the attack surface and propose ways of measuring it, to be able to objectively evaluate the benefits of such approaches.
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.