Agentless multi-page type measurement system and method of progress code of virtual machine

Abstract

The invention discloses an agentless multi-page type measurement system and method of a progress code of a virtual machine. The system comprises a capturing module, a measurement module, a comparing module, a basic value base and a log, wherein the capturing module is provided with a measurement point and is used for capturing a system event in the virtual machine and reconstructing progress information of a currently executed progress by adopting a VMI (Vendor Managed Inventory) technology; the measurement module is used for dividing the progress code of the virtual machine according to the progress information and the size of a physical page of the virtual machine, generating page information for each page, measuring a code page, which is loaded into a physical memory of the virtual machine, of the page information and generating measurement information; the comparing module is used for combining basic values in the basic value base and comparing according to the measurement information of the code page, analyzing the integrity and writing comparing information into the log; the basic value base is used for storing basic value information of the code page; the log is used for recording the comparing information in a measurement process of the code page. According to the agentless multi-page type measurement system and method of the progress code of the virtual machine, the problem that Hypervisor cannot measure a complete progress code of the virtual machine, caused by a dynamic memory distribution manner of the virtual machine, is solved.

Description

technical field [0001] The invention relates to the technical field of virtual machine security monitoring, in particular to an agentless paging measurement system and method for virtual machine process codes. Background technique [0002] Virtualization technology is one of the core technologies of cloud computing platform. With the massive application of cloud computing services, the security of cloud computing platform has become the focus of attention. In general, key businesses deployed on the cloud need to run for a long time to provide services to users, and business security, stability, and availability are key requirements to ensure service quality. On the one hand, the virtual machine operating system, as the carrier of key business, has different degrees of security flaws, such as system configuration and code loopholes; on the other hand, there are loopholes in the code of key business itself. Malicious software can take advantage of vulnerabilities in operating...

AI Technical Summary

Problems solved by technology

[0005] In view of the above problems, the object of the present invention is to provide an agentless paging measurement system and method for virtual machine process codes capable of measuring the integrity of virtual machine processes, so as to solve the problem that Hypervisor cannot measure the integrity of virtual machines due to the way virtual machines dynamically allocate memory The problem with the machine process code segment

Images