Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Kernel integrity detection method based on xen virtualization

A technology of integrity detection and virtualization, applied in platform integrity maintenance, software simulation/interpretation/simulation, memory address/allocation/relocation, etc., can solve the problem that security software does not have privileged advantages, and achieve the goal of ensuring security Effect

Inactive Publication Date: 2016-05-25
XIDIAN UNIV
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The integrity protection and detection tools realized by the above technologies are typically checkidt, kem-check, etc., and they all have a deficiency: the security software for kernel integrity detection and protection is in the same address space as the detected system, and the currently popular Rootkit Malware such as malware runs in the kernel state of the system and is at the same privilege level as security software. Compared with malware, security software does not have any privilege advantages.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Kernel integrity detection method based on xen virtualization
  • Kernel integrity detection method based on xen virtualization
  • Kernel integrity detection method based on xen virtualization

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described below in conjunction with the accompanying drawings.

[0037] 1. Overall structure design

[0038] The kernel integrity detection system based on Xen virtualization consists of three basic parts, which are memory mapping part, information acquisition part and security detection part. The system of the present invention is deployed in the management domain Dom0, effectively utilizes the isolation provided by Xen, and prevents the system of the present invention from being attacked by malicious software in the customer domain DomU. The overall system architecture diagram is as follows figure 1 shown.

[0039] The functions of the above parts are as follows:

[0040] The memory mapping part simulates the paging mechanism in the customer domain DomU in the management domain Dom0, and provides an interface to obtain the machine byte data at the hardware level in the customer domain DomU, including obtaining the binary data o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a kernel integrity detection method based on Xen virtualization. According to the method, a kernel integrity detection system is utilized to detect kernel integrity of a virtual machine operation system which is operated on a Xen virtualized platform; a memory mapping part, an information acquisition part and a safety detection part are arranged on a Dom 0 of the system, wherein the memory mapping part provides an interface for acquiring machine byte data of a hardware level of a Dom U; the information acquisition part deploys the machine byte data, acquired by the interface provided by the memory mapping part, of the hardware level of the Dom U, and converts the machine byte data of the hardware level into information of the level of the operation system according to the version of the operation system in the Dom U; the safety detection part calls kernel key data, acquired by the information acquisition part, of the operation system in the Dom U in a polling mode, and judges whether kernel integrity of the operation system in the Dom U is damaged or not according to safety policies of the system. According to the method, the detection system is deployed outside a monitored system, and therefore the safety of the detection system is guaranteed, and meanwhile kernel integrity of the monitored system is detected.

Description

technical field [0001] The invention relates to the technical field of computer virtualization, and further relates to the field of computer virtualization and security. It is a kernel integrity detection method based on Xen virtualization. It is used on the Xen virtualization platform where the guest operating system is Linux or Unix-like operating system. The key data structures and codes of the kernel of the operating system are inspected for integrity, providing security for the operating system running on the virtualization platform. Background technique [0002] Operating system security is an integral part of computer security. The kernel is the core of an operating system. It is the first layer of software expansion based on hardware. It provides the most basic functions of the operating system and is the basis for the operation of the operating system. [0003] In recent years, with the development of hacking technology, especially rootkit technology, attackers ha...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06F9/455G06F12/02
CPCG06F9/45504G06F21/566
Inventor 黄为杨超马建峰王照羽侯琬婷张驰
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com