Visualizing Linux Kernel Security: A Defense Map and Hardening Checker
2025-04-09
Linux kernel security is intricate. This project presents a visual map detailing the relationships between vulnerability classes, exploitation techniques, detection mechanisms, and defense technologies. The map, written in DOT language and rendered with GraphViz, aids navigation of documentation and kernel source code. Complementing the map is a tool, `kernel-hardening-checker`, automating the verification of Linux kernel security hardening options, particularly those often disabled by default in major distributions, thereby enhancing system security.