HYPERVISOR SECURITY API MODULE AND HYPERVISOR-BASED VIRTUAL NETWORK INTRUSION PREVENTION SYSTEM
摘要
<p>Provided are a hypervisor security API module and a hypervisor-based virtual network intrusion prevention system. The hypervisor security API module acquires internal information of a virtual system from a hypervisor, and provides the hypervisor with an API for performing a security control in response to intrusion detection results using the internal information of the virtual system. The hypervisor security API module includes: a virtual memory access processor which provides an API for reading and writing contents of a virtual memory included in a virtual machine; a virtual CPU access processor which provides an API for reading a register value of a virtual CPU included in the virtual machine; a virtual storage access processor which provides an API for accessing a file system included in the virtual machine, moving to a directory, and reading and writing files; a virtual network access processor which provides an API for capturing and filtering virtual network packets; a hypercall monitoring processor which provides an API for monitoring hypercalls; a guest OS information access processor which provides an API for reading information on a guest OS; a hypervisor information access processor which provides an API for reading internal information of the hypervisor; and a security control processor which provides an API for transmitting security control signals to the hypervisor.</p>
申请公布号
KR101454837(B1)
申请公布日期
2014.10.28
申请号
KR20130044141
申请日期
2013.04.22
申请人
KOREA INTERNET & SECURITY AGENCY
发明人
SHIN, YOUNG SANG;CHEONG, IL AHN;LEE, SEUL GI;YOON, MI YEON;HWANG, TONG WOOK;SON, KYUNG HO