Unlock instant, AI-driven research and patent intelligence for your innovation.

A channel detection method and device

A channel detection and covert channel technology, applied in the field of network security, can solve problems such as large impact on system performance, loss of memory deduplication mechanism, etc.

Active Publication Date: 2019-07-19
HUAWEI TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In the existing technology, in order to prevent malicious users from passing the private data of ordinary users through covert channels, the memory deduplication mechanism is directly turned off. Although this method can solve the covert channel attack, it loses the advantages of the memory deduplication mechanism , which has a great impact on system performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A channel detection method and device
  • A channel detection method and device
  • A channel detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0057] The channel detection method in the embodiment of the present invention can be applied to the detection process of a covert channel constructed based on memory deduplication technology in a multi-tenant cloud environment.

[0058] The following will be combined with figure 1 To attach Figure 6 , to introduce and illustrate the channel detection method provided by the embodiment of the present invention.

[0059] Please refer to figure 2 , i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the present invention discloses a channel detection method and device. The method includes: when at least two virtual machines perform memory deduplication and merging on the same physical host, intercepting the event executed by the operating system in the operating system instruction flow Sequence, the event sequence includes obtaining time events; find the target subsequence from the event sequence, and obtain the time attribute of the target subsequence; judge whether the time attribute of the target subsequence satisfies the preset condition, when When the time attribute of the target subsequence satisfies a preset condition, it is determined that a covert channel exists in the system. By adopting the present invention, it is possible to accurately detect whether there is a covert channel in the system without affecting the function of the normal memory deduplication mechanism in the system.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a channel detection method and device. Background technique [0002] In a multi-tenant cloud environment, virtual machines between tenants usually share the memory of the same physical host. The specific sharing method can be shared by using memory deduplication technology. Memory deduplication technology is to merge the same physical memory pages. Only one physical copy of the memory page is kept, and all other virtual machines map the physical memory page together. In the subsequent use process, when a virtual machine needs to perform a write operation on the memory page, the operating system will initiate a write operation exception event, such as a copy-on-write (Copy-On-Write, COW) page write operation exception event, and Re-copy a physical memory page for the virtual machine to perform write operations. [0003] However, the introduction of memory deduplication ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCG06F21/78G06F21/53
Inventor 袁劲枫王胜
Owner HUAWEI TECH CO LTD