Securing Virtualized System via Active Protection

Virtualization is the predominant enabling technology of current cloud infrastructure

Intel TDX Demystified: A Top-Down Approach

Intel Trust Domain Extensions (TDX) is a new architectural extension in the 4th Generation Intel Xeon Scalable Processor that supports confidential computing. TDX allows the deployment of virtual machines in the Secure-Arbitration Mode (SEAM) with encrypted CPU state and memory, integrity protection, and remote attestation. TDX aims to enforce hardware-assisted isolation for virtual machines and minimize the attack surface exposed to host platforms, which are considered to be untrustworthy or adversarial in the confidential computing's new threat model. TDX can be leveraged by regulated industries or sensitive data holders to outsource their computations and data with end-to-end protection in public cloud infrastructure. This paper aims to provide a comprehensive understanding of TDX to potential adopters, domain experts, and security researchers looking to leverage the technology for their own purposes. We adopt a top-down approach, starting with high-level security principles and moving to low-level technical details of TDX. Our analysis is based on publicly available documentation and source code, offering insights from security researchers outside of Intel

A conserved motif flags acyl carrier proteins for β-branching in polyketide synthesis

Type I PKSs often utilise programmed β-branching, via enzymes of an “HMG-CoA synthase (HCS) cassette”, to incorporate various side chains at the second carbon from the terminal carboxylic acid of growing polyketide backbones. We identified a strong sequence motif in Acyl Carrier Proteins (ACPs) where β-branching is known. Substituting ACPs confirmed a correlation of ACP type with β-branching specificity. While these ACPs often occur in tandem, NMR analysis of tandem β-branching ACPs indicated no ACP-ACP synergistic effects and revealed that the conserved sequence motif forms an internal core rather than an exposed patch. Modelling and mutagenesis identified ACP Helix III as a probable anchor point of the ACP-HCS complex whose position is determined by the core. Mutating the core affects ACP functionality while ACP-HCS interface substitutions modulate system specificity. Our method for predicting β-carbon branching expands the potential for engineering novel polyketides and lays a basis for determining specificity rules

2011 30th IEEE International Symposium on Reliable Distributed Systems Process Implanting: A New Active Introspection Framework for Virtualization

Abstract—Previous research on virtual machine introspection proposed “out-of-box ” approach by moving out security tools from the guest operating system. However, compared to the traditional “in-the-box ” approach, it remains a challenge to obtain a complete semantic view due to the semantic gap between the guest VM and the hypervisor. In this paper, we present Process Implanting, a new active VM introspection framework, to narrow the semantic gap by implanting a process from the host into the guest VM and executing it under the cover of an existing running process. With the protection and coordination from the hypervisor, the implanted process can run with a degree of stealthiness and exit gracefully without leaving negative impact on the guest operating system. We have designed and implemented a proof-of-concept prototype on KVM which leverages hardware virtualization. We also propose and demonstrate application scenarios for Process Implanting in the area of VM security. Keywords-Security; Virtualization; Active VM introspection I

A follow-up study on the recovery and reinfection of Omicron COVID-19 patients in Shanghai, China

ABSTRACTLimited follow-up data is available on the recovery of Omicron COVID-19 patients after acute illness. It is also critical to understand persistence of neutralizing antibody (NAb) and of T-cell mediated immunity and the role of hybrid immunity in preventing SARS-CoV-2 reinfection. This prospective cohort study included Omicron COVID-19 individuals from April to June 2022 in Shanghai, China, during a large epidemic caused by the Omicron BA.2 variant. A total of 8945 patients from three medical centres were included in the follow up programme from November 2022 to February 2023. Of 6412 individuals enrolled for the long COVID analysis, 605 (9.4%) individuals experienced at least one sequelae, mainly had fatigue and mental symptoms specific to Omicron BA.2 infection compared with other common respiratory tract infections. During the second-visit, 548 (12.1%) cases of Omicron reinfection were identified. Hybrid immunity with full and booster vaccination had reduced risk of SARS-CoV-2 reinfection by 0.29-fold (95% CI: 0.63–0.81) and 0.23-fold (95% CI: 0.68–0.87), respectively. For 469 participants willing to the hospital during the first visit, those who received full (72 [IQR, 36–156]) or booster (64 [IQR, 28–132]) vaccination had significantly higher neutralizing antibody titers than those with incomplete vaccination (36 [IQR, 16–79]). Moreover, non-reinfection cases had higher neutralizing antibody titers (64 [IQR, 28–152]) compared to reinfection cases (32 [IQR, 20–69])

A follow-up study on the recovery and reinfection of Omicron COVID-19 patients in Shanghai, China

Limited follow-up data is available on the recovery of Omicron COVID-19 patients after acute illness. It is also critical to understand persistence of neutralizing antibody (NAb) and of T-cell mediated immunity and the role of hybrid immunity in preventing SARS-CoV-2 reinfection. This prospective cohort study included Omicron COVID-19 individuals from April to June 2022 in Shanghai, China, during a large epidemic caused by the Omicron BA.2 variant. A total of 8945 patients from three medical centers were included in the follow up program from November, 2022 to February, 2023. Of 6412 individuals enrolled for the long COVID analysis, 605 (9.4%) individuals experienced at least one sequelae, mainly had fatigue and mental symptoms specific to Omicron BA.2 infection compared with other common respiratory tract infections. During the second-visit, 548 (12.1%) cases of Omicron reinfection were identified. Hybrid immunity with full and booster vaccination had reduced risk of SARS-CoV-2 reinfection by 0.29-fold (95% CI: 0.63 - 0.81) and 0.23-fold (95% CI: 0.68 - 0.87), respectively. For 469 participants willing to the hospital during the first visit, those who received full (72 [IQR, 36 - 156]) or booster (64 [IQR, 28 - 132]) vaccination had significantly higher neutralizing antibody titers than those with incomplete vaccination (36 [IQR, 16 - 79]). Moreover, non-reinfection cases had higher neutralizing antibody titers (64 [IQR, 28 - 152]) compared to reinfection cases (32 [IQR, 20 - 69]).</p