发明名称 |
METHOD AND DEVICE FOR REALIZING VIRTUAL MACHINE INTROSPECTION |
摘要 |
The present invention relates to the field of information technologies and discloses a method and an apparatus for implementing virtual machine introspection, so as to resolve a problem that a VMI system cannot accurately perform security check on in-memory data in a VM. The method provided in the present invention may specifically include: determining to-be-checked data in a virtual machine; starting to read the to-be-checked data, saving a copy of the read to-be-checked data, and storing a storage address of the read to-be-checked data in a hardware transactional memory, so that the hardware transactional memory is capable of monitoring the read to-be-checked data according to the storage address; when it is detected that the read to-be-checked data is modified, stopping reading the to-be-checked data, and deleting the copy; and when reading the to-be-checked data is completed and it is not detected that the read to-be-checked data is modified, performing security check on the copy. The method can be applied to virtual machine introspection. |
申请公布号 |
EP3079057(A1) |
申请公布日期 |
2016.10.12 |
申请号 |
EP20140876189 |
申请日期 |
2014.12.10 |
申请人 |
HUAWEI TECHNOLOGIES CO., LTD. |
发明人 |
TU, BIN;CHEN, HAIBO;XIA, YUBIN |
分类号 |
G06F9/455;G06F21/53;G06F21/56 |
主分类号 |
G06F9/455 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|