发明名称 |
METHODS AND APPARATUS FOR APPLICATION ISOLATION |
摘要 |
Processor(s) for detecting malicious software. A hardware virtual machine monitor (HVMM) operates under a host OS. Container(s) initialized with network application template(s) operate under a guest OS VM. A detection module operates under the guest OS VM includes a trigger detection module, a logging module and a container command module. The trigger detection module monitors activity on container(s) for a trigger event. The logging module writes activity report(s) in response to trigger event(s). The container command module issues command(s) in response to trigger event(s). The command(s) include a container start, stop and revert commands. A virtual machine control console operates under the host OS and starts/stops the HVMM. A container control module operates under the guest OSVM and controls container(s) in response to the command(s). The server communication module sends activity report(s) to a central collection network appliance that maintains a repository of activities for infected devices. |
申请公布号 |
US2016182540(A1) |
申请公布日期 |
2016.06.23 |
申请号 |
US201514808681 |
申请日期 |
2015.07.24 |
申请人 |
George Mason Research Foundation, Inc. |
发明人 |
GHOSH Anup;HUANG Yih;WANG Jiang;STAVROU Angelos |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
Fairfax VA US |