Supercharge Your Innovation With Domain-Expert AI Agents!

Dynamic and non-invasive application process function call monitoring method in virtual machine manager

A technology of virtual machine manager and function call, applied in the direction of program control design, program control device, instrument, etc., can solve the problems of inability to monitor, difficult to configure, not non-invasive, etc., to achieve high security and non-invasive. Effect

Active Publication Date: 2019-01-15
NANJING UNIV
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Some of the existing monitoring methods use to modify the registered function pointer table, so that when the function is called, it can jump to the monitoring function for monitoring. In this way, functions that are not registered cannot be monitored; some monitoring methods use Insert monitoring code at the function call. This method is difficult to implement dynamic configuration. It is not non-invasive to modify and compile the application program.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] A dynamic and non-invasive application process function call monitoring method in the virtual machine manager, including the function call trigger insertion algorithm and the construction of the trigger code. When monitoring is required, start from the entry address of the function of the monitored application program The function call trigger code is inserted according to the position selected by the function call trigger insertion algorithm, and the original state can be restored when monitoring is not required, which is dynamic and non-invasive.

[0015] When monitoring is required, the function call trigger code is inserted from the entry address of the monitored application program according to the position selected by the function call trigger insertion algorithm, and it can be restored to its original state when monitoring is not required, which is dynamic and non-invasive sex.

[0016] The function call trigger code is as follows:

[0017] (1) If the register e...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a dynamic and non-intrusive application process function calling monitoring method in a virtual machine manager. The method includes a function calling trigger insertion algorithm and construction of a trigger code. When monitoring is needed, a function calling trigger code is inserted from the starting position of an entry address of a function of a monitored application according to a position selected by the function calling trigger insertion algorithm; when the monitoring of the function of the application is not needed, the function code can be restored; and dynamism and non-intrusive property are realized. The method is advantageous in that a 7-byte or 9-byte position can be searched at an entry of any monitored function, and one of a 7-byte function calling trigger code and a 9-byte function calling trigger code is selected for insertion at the position according to the condition of the original code of the position.

Description

technical field [0001] The invention relates to a dynamic and non-invasive application process function call monitoring method in a virtual machine manager, which can monitor any function call in any user process. The monitoring behavior can be set dynamically. Only when the manager needs it, a function call trigger is inserted in the called function of the monitored application. After the function call trigger is inserted, once the function to be monitored is called, the function The call trigger triggers an exception and traps the hypervisor; while the function in the application does not need to be monitored, the code of this function remains as it is. Therefore, the monitoring method is dynamic and non-invasive, and belongs to the field of computer application technology. Background technique [0002] Some of the existing monitoring methods use to modify the registered function pointer table, so that when the function is called, it can jump to the monitoring function fo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F9/455
CPCG06F9/45533
Inventor 黄皓余劲
Owner NANJING UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com