Method for discovering whether or not vulnerability exists in virtual machine introspection system

A virtual machine and vulnerability technology, applied in software simulation/interpretation/simulation, program control design, instruments, etc., can solve the problems of unrealized controllability of virtual machine introspection system dynamic monitoring results, lack of design ideas, etc.

Active Publication Date: 2017-12-08
XIDIAN UNIV
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] So far, the research on realizing the controllability of monitoring results in the virtual machine introspection system is still in its infancy, and th...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for discovering whether or not vulnerability exists in virtual machine introspection system
  • Method for discovering whether or not vulnerability exists in virtual machine introspection system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0042] The present invention allows the system to jump to the changed system call code and execute it by inserting a specific jmp instruction at the entry address of the changed Linux virtual machine system call function, thereby misleading the VMI tool to obtain false system call monitoring information , to hide the system call operations actually executed by the experimenters in the virtual machine to achieve the purpose of the experiment. Assuming that the experiment can be successful, it shows that there are certain loopholes in the realization of the dynamic monitoring function of the virtual machine introspection system, which provides a basis for subsequent related researchers to further improve the system Important reference.

[0043] refer to figure 1 , the present invention comprises five steps, wherein needs to write Linux kernel module Ker_...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for discovering whether or not a vulnerability exists in a virtual machine introspection system. A specific jmp instruction is inserted at a calling function entry address of a changed Linux virtual machine system, if the virtual machine introspection system can be modified, it means that the vulnerability exists in the virtual machine introspection system, and it indicates that a dynamic monitoring result of the virtual machine introspection system can be manually controlled to further disclose the vulnerability of the virtual machine introspection system, and important references are provided for follow-up relevant researchers to further improve the system.

Description

technical field [0001] The invention belongs to the field of computer science and technology, and relates to the modification of system call monitoring results in a virtual machine introspection (Virtual Machine Introspection, referred to as VMI) system. By checking whether the system call results can be artificially controlled, system loopholes are found, and the system is further improved. For reference, specifically, it is a method for discovering whether a vulnerability exists in a virtual machine introspection system. Background technique [0002] Virtual machine introspection technology has become an important choice to protect virtual machine security because it can take into account good "isolation" and "visibility", and has attracted extensive attention and research in the industry. The VMI usually runs on the virtual machine manager (VMM) layer under the virtual machine. Since it does not run inside the monitored virtual machine, the VMI and the virtual machine hav...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F9/455G06F21/53
CPCG06F9/45558G06F21/53G06F2009/45587
Inventor 李金库吴晓润汤飞罗林波马建峰
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap