Title of invention |
CROSS-VM NETWORK FILTERING |
Abstract |
A security virtual machine inspects all data traffic between other virtual machines on a virtualization platform in order to prevent an inter-VM attack. Data traffic between the machines is intercepted at the privileged domain and directed to the security virtual machine via a hook mechanism and a shared memory location. The traffic is read by the security machine and analyzed for malicious software. After analysis, the security machine sends back a verdict for each data packet to the privileged machine which then drops each data packet or passes each data packet on to its intended destination. The privileged domain keeps a copy of each packet or relies upon the security machine to send back each packet. The security machine also substitutes legitimate or warning data packets into a malicious data package instead of blocking data packets. The shared memory location is a circular buffer for greater performance. Traffic is intercepted on a single host computer or between host computers.
|
Application publication number |
US2013036470(A1) |
Application publication date |
2013.02.07 |
Application number |
US201113197701 |
Filing date |
2011.08.03 |
Applicant |
ZHU MINGHANG;QIAN GONGWEI |
Inventor |
ZHU MINGHANG;QIAN GONGWEI |
Classification number |
G06F0021/000024 |
Main classification number |
G06F0021/000024 |
Agency |
|
Agent |
|
Principal claim |
|
Address |
|