Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Virtual-machine introspection collection system and method based on KVM

A technology of collection system and virtual machine, applied in the field of virtual machine introspection collection system, can solve the problems of internal collection failure of virtual machine, network paralysis, process death, etc.

Active Publication Date: 2018-11-27
HARBIN INST OF TECH
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to solve the existing problem that when an external network attack occurs, the death of the process or the paralysis of the network will cause the failure of the internal collection of the virtual machine, and propose a virtual machine self-examination collection system and collection method based on KVM

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtual-machine introspection collection system and method based on KVM
  • Virtual-machine introspection collection system and method based on KVM
  • Virtual-machine introspection collection system and method based on KVM

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0028] Specific Embodiment 1: A KVM-based virtual machine introspection acquisition system in this embodiment includes a configuration delivery module, a task scheduling module, a file measurement module, a semantic analysis module, a virtual machine connection module, a stream processing module and a database module. The system The structure diagram is as follows figure 1 ;

[0029] The full name of KVM is Kernel-based Virtual Machine;

[0030] The configuration delivery module is used to receive the request of the virtual machine collection task, such as starting or stopping the process information collection of the virtual machine B on the host machine A. The configuration delivery module is used to manage all serviceable virtual machines in the cloud platform, including which host machine the virtual machine is located under, the status of the virtual machine, and the operating system version of the virtual machine; when the configuration delivery module receives After c...

specific Embodiment approach 2

[0038] Specific embodiment two: the difference between this embodiment and specific embodiment one is: the semantic analysis module is responsible for the collection tasks of Windows and Linux virtual machine memory information, and the semantic analysis module is based on different virtual machine operating system versions and different collection tasks Start different acquisition configurations, analyze the virtual machine memory after the virtual machine connection module is initialized, and then obtain the corresponding Windows and Linux virtual machine information; specifically:

[0039] Adapt the kernel data structure and symbol table, fill the gap of the physical memory where the virtual machine memory is located, locate the object offset through the symbol table, locate the target information according to the kernel data structure, and then obtain the corresponding Windows and Linux virtual machine information.

[0040] Other steps and parameters are the same as those i...

specific Embodiment approach 3

[0041] Specific implementation mode three: a kind of KVM-based virtual machine introspection collection method specific process of this implementation mode is:

[0042] The information processing flow of the system is as follows: figure 2 .

[0043] When the system administrator sends a collection request, the collection request enters the configuration delivery module, and the configuration delivery module caches and verifies the collection request. If no relevant virtual machine information is found, the verification fails and the error message is sent to the streamer. Processing module; if relevant virtual machine information is found, it will adapt the operating system kernel version of the acquisition request and the configuration information related to the acquisition request, and after locating the host where the virtual machine is located, send the configuration information to the host;

[0044] The task scheduling module is located on the host machine, and performs co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a virtual-machine introspection collection system and method based on a KVM. The virtual-machine introspection collection system and method based on the KVM aim at solving theproblem that when existing foreign network attack appears, due to process death or network paralysis, virtual-machine internal collection fails. The virtual-machine introspection collection system based on the KVM comprises a configuration issuing module, a task scheduling module, a file measurement module, a semantic analysis module, a virtual-machine connection module, a stream processing moduleand a database module; multidimensional information collection of a virtual machine is achieved, and includes virtual-machine memory information collection and virtual-machine file information collection, and supports collection of a Windows virtual machine and a Linux virtual machine. The virtual-machine introspection collection system and method based on the KVM is used for the field of virtual-machine introspection collection.

Description

technical field [0001] The invention relates to a KVM-based virtual machine introspection collection system and a collection method. Background technique [0002] With the rapid development of cloud computing, cloud services are playing an increasingly important role. Cloud services put services in the cloud, reducing the intermediate process of services and facilitating users' use. However, the network security issues caused by the development of cloud services are also becoming more and more prominent. In the face of increasing cyber attacks, countries all over the world regard the construction of cyber security experiments as an important platform for cyber attack and defense drills and network technology evaluation. A number of countries have established national-level cybersecurity test platforms, taking cybersecurity trials as key research objects. Network security experiments play a great role in network attack and defense drills and network technology evaluation, a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/455G06F9/48G06F21/53
CPCG06F9/45533G06F9/4843G06F21/53
Inventor 张伟哲方滨兴刘川意何慧李星晨王德胜张宇刘亚维
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com