Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Software integrity verifying system and method based on VMM (virtual machine monitor)

A technology of integrity verification and software, applied in the computer field, can solve problems such as inability to defend against memory patch modification, software integrity verification, and affecting system performance, and achieve the goal of overcoming memory integrity, reducing performance overhead, and small performance overhead Effect

Active Publication Date: 2014-02-19
XIDIAN UNIV
View PDF10 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But, the weak point that this method still exists is: 1, this method obtains the path of executable file by intercepting the system call of upper layer operating system at VMM layer, because the system call in the modern operating system is very frequent, frequently intercept system call It will affect system performance; 2. This method does not verify the integrity of the memory, and cannot prevent memory patches from modifying the image of the software in memory
The disadvantage of this system is: the system obtains the path of the executable file by intercepting the system call of the upper operating system in the VMM. Because the system call of the operating system is very frequent, the frequency of passively falling into the VMM is very high, which affects the system. Performance; the system does not verify the integrity of the software in memory, and cannot prevent memory patches from modifying the image of the software in memory

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software integrity verifying system and method based on VMM (virtual machine monitor)
  • Software integrity verifying system and method based on VMM (virtual machine monitor)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The present invention will be further described in detail below with reference to the accompanying drawings.

[0035] Refer to the attached figure 1 The system of the present invention includes a virtual machine and a virtual machine monitor, the virtual machine includes an initialization module and a loop detection module, and the virtual machine monitor includes a hard disk integrity check module, a memory integrity check module and a hash value calculation module. in:

[0036] The initialization module completes the initialization work, including detecting whether the current CPU supports the virtualization feature, calling the CPUID instruction to enable the hardware virtualization feature, calling the hardware virtualization instruction, migrating the operating system to the virtual machine monitor, falling into the virtual machine monitor, calling Hard disk integrity check module and memory integrity check module.

[0037] The loop detection module periodically ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a software integrity verifying system and method based on a VMM (virtual machine monitor). The system comprises a virtual machine and the VMM. The virtual machine comprises an initial detecting module and a circulating detecting module. The VMM comprises a hard disk integrity verifying module, an internal memory integrity verifying module and a hash value calculating module. The method includes: initiating, creating a detecting thread, calculating the hash value of the software file in a hard disk, verifying hard disk integrity, calculating the hash value of the code segment in an internal memory, verifying internal memory integrity, and finishing software integrity verification. The system and the method has the advantages that integrity verification can be performed efficiently by actively being caught into the VMM, and internal memory integrity monitoring is achieved by creating a circulating detecting thread; the system and the method can be used for detecting software's malice modification of an executable file, crack prevention of software, and detecting internal memory patch's modification of the software image in the internal memory.

Description

technical field [0001] The invention belongs to the field of computer technology, and further relates to a software integrity checking system and method based on a virtual machine monitor (Virtual Machine Monitor, VMM) in the technical field of software security. The present invention transfers the software flow to the VMM by invoking the virtualization instruction, and performs the integrity check on the software at the VMM layer, which is used for detecting malicious modification of the software executable file itself, anti-cracking of the software, and detecting the impact of memory patches on the software in the software. Modification of the in-memory image. Background technique [0002] With the rapid development of computer technology, software has increasingly become an indispensable part of people's lives. The scale of software is increasing and the complexity is getting higher and higher, correspondingly, more and more resources are invested in software development...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F21/53
CPCG06F21/57
Inventor 朱辉李强陈晓峰李晖朱磊黄橙雷婉
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com