Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

VMI method and system based on redirection of system calls

A technology of redirecting and redirecting requests, applied in the field of cloud computing security, can solve the problems of not being able to satisfy the cloud environment at the same time, and the difficulty of directly applying the VMI system to the cloud environment, etc., to achieve the effect of improving spontaneity, low performance impact, and high efficiency

Active Publication Date: 2017-09-26
HUAZHONG UNIV OF SCI & TECH
View PDF6 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] In view of the above defects or improvement needs of the prior art, the present invention provides a VMI method and system based on system call redirection, which can modify the kernel state of the VM from outside the target VM without any user authority , which greatly reduces the management cost of VM, and can be used to actively improve the security of the cloud environment, solving the problem that the existing VMI system is difficult to be directly applied to the cloud environment, and cannot meet some practical needs of the cloud environment at the same time: writability, high efficiency Technical issues such as compatibility, versatility, simultaneous monitoring, reliability, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • VMI method and system based on redirection of system calls
  • VMI method and system based on redirection of system calls
  • VMI method and system based on redirection of system calls

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039]In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0040] Such as figure 1 Shown is a schematic flow chart of a VMI method based on system call redirection disclosed in an embodiment of the present invention. figure 1 The method shown includes the following steps:

[0041] (1) Select the target virtual machine VM, and select the init process in the target VM as an auxiliary process;

[0042] Among them, the init process can be selected as the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a VMI method and system based on the redirection of system calls. The method and system provide a dynamic view of VMs in the operation for an administrator by selecting a target VM, so that each VM can be monitored; the process selection and initialization in the target VM are generated by an auxiliary process to carry out the redirected system calls; each system call of a VMI application program is intercepted by the system calls, and whether or not the system calls need to be redirected is decided; redirecting one system call to the auxiliary process is executed by redirecting system calls; the safe execution of the auxiliary process is guaranteed by security protection, and the correct self-examination results are guaranteed. The VMI method and system can be used for monitoring multiple different types of VMs in the cloud environment, and achieves a writable VMI technology, and the kernel state of the VM can be modified from the outside of the target VM to bring a high automation feature, so that the VMI method and system can be used in the automated cloud management.

Description

technical field [0001] The invention belongs to the technical field of cloud computing security, and more specifically relates to a VMI method and system based on system call redirection. Background technique [0002] With the rapid development of cloud computing, more and more people will start to rent a virtual machine (Virtual Machine, VM), and the core technology behind the VM is virtualization. In recent years, with the research and development of virtualization, the virtual machine introspection (Virtual Machine Introspection, VMI) technology and tools have evolved. VMI refers to monitoring the internal running status of the VM from outside the VM to implement security functions such as intrusion detection, malware analysis, integrity check, and log audit. [0003] The core problem of VMI is the semantic gap, that is, the separation of the underlying state (binary byte or bit) that the hypervisor can see and the semantics they express inside the VM (such as process PI...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/455
CPCG06F9/45558G06F2009/45583G06F2009/45587
Inventor 金海羌卫中徐公平邹德清
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com