A virtual machine kernel dynamic detection system and method based on virtual machine introspection function level

A technology of dynamic detection and detection methods, applied in the field of cloud security, can solve the problems of attackers detecting, breaking through, and unable to apply cloud computing
CN108469984BActive Publication Date: 2021-07-30HARBIN INST OF TECH +1
5 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
HARBIN INST OF TECH
Publication Date
2021-07-30

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The present invention is based on a virtual machine introspection function-level virtual machine kernel dynamic detection system and method belonging to the field of cloud security; the device includes hardware to provide a hardware foundation for a safe virtual machine, a target virtual machine, and a virtual machine management layer; the safe virtual machine includes a monitoring framework, The security virtual machine interacts with the target virtual machine through the virtual machine management layer, and the virtual machine management layer is connected to the extraction module, and the extraction module is respectively connected to the learning module and the monitoring module through the page execution information; the method includes monitoring and opening; the extraction module injects the monitoring point into the target virtual machine In this way, the virtual machine management layer can monitor the sub-functions in the call, use the method of static memory analysis and dynamic tracking, perform static analysis again to obtain the address of the subsequent sub-functions to monitor, execute in a loop until the system call returns; through three learning methods The method models the execution information; thereby detecting the integrity of the kernel control flow and preventing it from being detected or even broken by an attacker.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a virtual machine introspection-based function-level virtual machine kernel dynamic detection system and method, which belong to the field of cloud security. Background technique

[0002] Nowadays, with the vigorous development of cloud computing, its security issues must be taken seriously. In cloud computing infrastructure and services, the service core provided to users exists in the form of a virtual machine. Whether it is an individual user or an enterprise server user, its final presentation form is one or more servers located in the host cluster of the cloud computing provider. virtual machine. The integrity of the kernel control flow is very important to the security of the virtual machine. If the kernel of the virtual machine is damaged, the security of the entire cloud platform may be threatened. Therefore, detecting the integrity of the kernel control flow of a virtual machine is very important for cloud computing....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More