Virtual machine process exception behavior detection method and system
A detection method and virtual machine technology, applied in the field of virtualization security, that solves the problems of virtual machine escape security threats and the inability to guarantee comprehensive detection, and improves the detection rate and matching accuracy.
Embodiment Construction
[0052] The present invention will be further described in detail below in conjunction with the drawings and specific embodiments.
[0053] As shown in Figure 1, the detection system can be used to detect abnormal process system call behavior in the virtual machine. It includes a semantic reconstruction module, a capture module, a modeling module and a detection module.
[0054] The semantic reconstruction module adopts an agentless monitoring method. While the virtual machine process is running, a monitoring event is triggered that causes the virtual machine to exit. The module captures the virtual machine process scheduling event, obtains the underlying semantic information of the virtual machine process, and reconstructs, in the Hypervisor, the semantic information related to virtual machine processes of the Linux operating system and the Windows operating system.
[0055] Figure 2 gives a schematic diagram of the capture module. The capture module monitors the virtual machine process system call ev...