Overview
Explore a comprehensive security framework for protecting against malicious peripherals in the Linux kernel through this 20-minute IEEE conference talk. Dive into the Linux (e)BPF Modules (LBM) framework, which provides a unified API for enforcing protection against malicious USB, Bluetooth, and NFC devices. Learn how LBM leverages the eBPF packet filtering mechanism for performance and extensibility, and discover the high-level language designed to make it easier to write powerful filters. Examine the framework's ability to instantiate and unify existing defenses, and understand its overhead, which stays within 1 μs per packet in most cases. Gain insights into a framework designed to offer comprehensive protection against diverse malicious peripherals within the Linux kernel.
Syllabus
LBM: A Security Framework for Peripherals within the Linux Kernel
Taught by
IEEE Symposium on Security and Privacy