Sandbox system based on light-weight virtual machine monitor and method for monitoring OS with sandbox system

A technology of virtual machine monitor and virtual machine, which is applied in the field of sandbox system, and can solve problems such as huge operating system code, high cost of sandbox virtualization, and difficulty in ensuring security.

Inactive Publication Date: 2013-10-09
XIANGTAN UNIV
View PDF12 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0014] In order to solve the above-mentioned problems such as huge operating system code, many loopholes, difficult to guarantee security, and the general virtual machine monitor is designed for resource isolation, therefore, the s

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sandbox system based on light-weight virtual machine monitor and method for monitoring OS with sandbox system
  • Sandbox system based on light-weight virtual machine monitor and method for monitoring OS with sandbox system
  • Sandbox system based on light-weight virtual machine monitor and method for monitoring OS with sandbox system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0084] In order to describe features and advantages of the present invention more clearly, below in conjunction with accompanying drawing, do detailed description as follows:

[0085] The structure of a sandbox system based on a lightweight virtual machine monitor is as follows: figure 1 As shown, it includes: a virtualization management module 102 , a sandbox security policy module 103 , a virtual machine communication module 104 and a lightweight virtualization sandbox module 107 . The lightweight virtualization sandbox module 107 includes a monitoring interception module 105 and a protection enforcement module 106 .

[0086] The virtualization management module 102 is used to dynamically load or unload the lightweight virtualization sandbox module 107 .

[0087] The sandbox security policy module 103 includes a configuration file, which defines the security policy of the sandbox system, and consists of three parts: a list of suspicious processes, a redirection protection p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a sandbox system based on a light-weight virtual machine monitor and a method for monitoring an OS with the sandbox system. The sandbox system comprises a virtualization management module, a sandbox strategy module, a virtual machine communication module and a light-weight virtualization sandbox module, as shown in the figure 1. According to the sandbox system, a light-weight virtual machine sandbox which is designed for the purpose of sandbox safety can be loaded dynamically according to the protective needs of a user. The light-weight virtual machine sandbox migrates the operation system into the light-weight virtual machine sandbox, system calling of a target course is monitored and intercepted, and suspicious operation on a file system from the target course is redirected under a sandbox protective route. The sandbox system has the advantages of being transparent to the operation system, small in code number, small in virtualization expenditure and the like.

Description

technical field [0001] The invention belongs to the field of computer security, and in particular relates to a sandbox system based on a lightweight virtual machine monitor. Background technique [0002] With the popularization of computer systems and computer networks, the Internet has developed into a running platform for many programs. However, due to loopholes in network protocols, computer operating systems, and browsers, computer systems are facing security challenges. At present, the active defense mechanism used by mainstream security software is immature, especially when the behavior of normal software coincides with the behavior of a virus, the active defense mechanism will cause manslaughter and cause the software to fail to run normally. In the face of more and more complex virus behaviors, the detection process of active defense will also greatly reduce the working performance of the computer. [0003] As a new type of security model, the sandbox provides a new...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/53
Inventor 程戈林政均李聪陈晰陈思娇马秋梅
Owner XIANGTAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap