Title of Invention |
Systems And Methods For Executing Arbitrary Applications In Secure Environments |
Abstract |
Described systems and methods allow protecting a host system, such as a computer system or smartphone, from malware such as viruses, exploits, and rootkits. In some embodiments, a hypervisor executes at the highest processor privilege level and displaces other software to a guest virtual machine (VM). A security application detects the launch of a target process within the guest VM. In response to the launch, the hypervisor instantiates a process VM isolated from the guest VM, and relocates the target process to the process VM. In some embodiments, when the relocated target process attempts to access a resource, such as a file or registry key, an instance of the respective resource is fetched on-demand, from the guest VM to the respective process VM. Executing the target process within an isolated environment helps to contain malware to the respective environment. |
Application Publication Number |
US2015248554(A1) |
Application Publication Date |
2015.09.03 |
Application Number |
US201414195132 |
Filing Date |
2014.03.03 |
Applicant |
Bitdefender IPR Management Ltd. |
Inventors |
DUMITRU Bogdan C.;LUKACS Sandor;LUTAS Dan H.;TOSA Raul V. |
Classification Number |
G06F21/53;G06F21/56;G06F9/455 |
Main Classification Number |
G06F21/53 |
Agency |
|
Agent |
|
Main Claim |
1. A host system comprising at least one processor configured to execute a hypervisor, the hypervisor configured to expose a guest virtual machine (VM) and further configured to:
in response to a launch of a target process within guest VM, expose a process VM distinct from the guest VM; in response to exposing the process VM, relocate the target process from the guest VM to the process VM; and in response to relocating the target process, and in response to an attempt by the target process to access a resource, fetch the resource from the guest VM to the process VM. |
Address |
Nicosia CY |