Virtual machine process information detection method and apparatus
The present invention provides a virtual machine process information detection method and apparatus. The method comprises: intercepting and capturing an IOCTL system call initiated by a kernel drive program in a virtualization platform; acquiring a parameter of the IOCTL system call, and detecting t...
Saved in:
| Main Authors | , , |
|---|---|
| Format | Patent |
| Language | Chinese English |
| Published |
01.06.2016
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | The present invention provides a virtual machine process information detection method and apparatus. The method comprises: intercepting and capturing an IOCTL system call initiated by a kernel drive program in a virtualization platform; acquiring a parameter of the IOCTL system call, and detecting the parameter by means of a preset policy; and according to a detection result, determining whether to perform the IOCTL system call. According to the method, by intercepting and capturing the IOCTL system call initiated by the kernel drive program, and detecting the parameter of the IOCTL system call, a virtual machine is prevented from attacking and controlling a virtual machine host operating system by means of the IOCTL system call, and the phenomenon of virtual machine escape is avoided. |
|---|---|
| AbstractList | The present invention provides a virtual machine process information detection method and apparatus. The method comprises: intercepting and capturing an IOCTL system call initiated by a kernel drive program in a virtualization platform; acquiring a parameter of the IOCTL system call, and detecting the parameter by means of a preset policy; and according to a detection result, determining whether to perform the IOCTL system call. According to the method, by intercepting and capturing the IOCTL system call initiated by the kernel drive program, and detecting the parameter of the IOCTL system call, a virtual machine is prevented from attacking and controlling a virtual machine host operating system by means of the IOCTL system call, and the phenomenon of virtual machine escape is avoided. |
| Author | TANG DIBIN QU MENGMENG LUAN JIANHAI |
| Author_xml | – fullname: TANG DIBIN – fullname: LUAN JIANHAI – fullname: QU MENGMENG |
| BookMark | eNqNir0KAjEQBlNo4d87xAcQjEF7PRQrK7E9ltx3XOCyG5K991fEB7AYZopZmhkLY2Eur1h0otEmCkNk2FwkoFYbuZeSSKOw7aAI30rQQTpL_CFnKqRTXZt5T2PF5ueV2d6uz-a-Q5YWNVMAQ9vm4fbHk3f-4M7-n-cNoc80WA |
| ContentType | Patent |
| DBID | EVB |
| DatabaseName | esp@cenet |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Medicine Chemistry Sciences Physics |
| ExternalDocumentID | CN105631321A |
| GroupedDBID | EVB |
| ID | FETCH-epo_espacenet_CN105631321A3 |
| IEDL.DBID | EVB |
| IngestDate | Fri Jul 19 15:16:20 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | Chinese English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-epo_espacenet_CN105631321A3 |
| Notes | Application Number: CN201510984793 |
| OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20160601&DB=EPODOC&CC=CN&NR=105631321A |
| ParticipantIDs | epo_espacenet_CN105631321A |
| PublicationCentury | 2000 |
| PublicationDate | 20160601 |
| PublicationDateYYYYMMDD | 2016-06-01 |
| PublicationDate_xml | – month: 06 year: 2016 text: 20160601 day: 01 |
| PublicationDecade | 2010 |
| PublicationYear | 2016 |
| RelatedCompanies | BEIJING QIHOO TECHNOLOGY CO., LTD QIZHI SOFTWARE (BEIJING) CO., LTD |
| RelatedCompanies_xml | – name: BEIJING QIHOO TECHNOLOGY CO., LTD – name: QIZHI SOFTWARE (BEIJING) CO., LTD |
| Score | 3.1539645 |
| Snippet | The present invention provides a virtual machine process information detection method and apparatus. The method comprises: intercepting and capturing an IOCTL... |
| SourceID | epo |
| SourceType | Open Access Repository |
| SubjectTerms | CALCULATING COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| Title | Virtual machine process information detection method and apparatus |
| URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20160601&DB=EPODOC&locale=&CC=CN&NR=105631321A |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwY2BQAW9gTDVJ1jVPMzTSNbFMNte1NDcy0000MrBIMjcHNqJTQPudff3MPEJNvCJMI5gYsmB7YcDnhJaDD0cE5qhkYH4vAZfXBYhBLBfw2spi_aRMoFC-vVuIrYsatHdsaAY6XkTNxcnWNcDfxd9ZzdnZ1tlPzS_IFnTBPOiUQkNHZgZWYDPaHNxpC3MC7UopQK5S3AQZ2AKApuWVCDEwVWUIM3A6w25eE2bg8IVOeAszsINXaCYXAwWhubBYhMEpLLMItO1DIRe8EjJVoQCy2l8BegoqyPkKKakl4FVWeQqQS6IVEvOAuAB81HdpsSiDoptriLOHLtBZ8fAwiHf2Q_jAWIyBJS8_L1WCQSHJEJjjkoHhaZhkAKqOLM0TU02TE4G8tKS0JAMzSQYp3OZI4ZOUZuAChSdkVZQMA0tJUWmqLLD-LUmSAwccAJ5cieE |
| link.rule.ids | 230,309,783,888,25577,76883 |
| linkProvider | European Patent Office |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwY2BQAW9gTDVJ1jVPMzTSNbFMNte1NDcy0000MrBIMjcHNqJTQPudff3MPEJNvCJMI5gYsmB7YcDnhJaDD0cE5qhkYH4vAZfXBYhBLBfw2spi_aRMoFC-vVuIrYsatHdsaAY6XkTNxcnWNcDfxd9ZzdnZ1tlPzS_IFnTBPOiUQkNHZgZWYBPbAtxVCnMC7UopQK5S3AQZ2AKApuWVCDEwVWUIM3A6w25eE2bg8IVOeAszsINXaCYXAwWhubBYhMEpLLMItO1DIRe8EjJVoQCy2l8BegoqyPkKKakl4FVWeQqQS6IVEvOAuAB81HdpsSiDoptriLOHLtBZ8fAwiHf2Q_jAWIyBJS8_L1WCQSHJEJjjkoHhaZhkAKqOLM0TU02TE4G8tKS0JAMzSQYp3OZI4ZOUZ-D0CPH1iffx9POWZuAChS1khZQMA0tJUWmqLLAuLkmSAwciAD39jNE |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=Virtual+machine+process+information+detection+method+and+apparatus&rft.inventor=TANG+DIBIN&rft.inventor=LUAN+JIANHAI&rft.inventor=QU+MENGMENG&rft.date=2016-06-01&rft.externalDBID=A&rft.externalDocID=CN105631321A |