JP5518865B2 - Protecting a virtual guest machine from attacks by an infected host - Google Patents

Protecting a virtual guest machine from attacks by an infected host

Info

Publication number
JP5518865B2
JP5518865B2 JP2011525050A JP2011525050A JP5518865B2 JP 5518865 B2 JP5518865 B2 JP 5518865B2 JP 2011525050 A JP2011525050 A JP 2011525050A JP 2011525050 A JP2011525050 A JP 2011525050A JP 5518865 B2 JP5518865 B2 JP 5518865B2
Authority
JP
Japan
Prior art keywords
guest
host
host machine
machine
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2011525050A
Other languages
English (en)
Japanese (ja)
Other versions
JP2012510650A (ja)
JP2012510650A5
Inventor
ネイシュタット ジョン
ベン−ヨチャナン ノーム
ニース ニーウ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp
Publication of JP2012510650A
Publication of JP2012510650A5
Application granted
Publication of JP5518865B2
Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105 Dual mode as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Debugging And Monitoring (AREA)
JP2011525050A 2008-08-28 2009-07-31 Protecting a virtual guest machine from attacks by an infected host Active JP5518865B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/199,812 US8954897B2 (en) 2008-08-28 2008-08-28 Protecting a virtual guest machine from attacks by an infected host
US12/199,812 2008-08-28
PCT/US2009/052438 WO2010025007A2 (en) 2008-08-28 2009-07-31 Protecting a virtual guest machine from attacks by an infected host

Publications (3)

Publication Number Publication Date
JP2012510650A JP2012510650A (ja) 2012-05-10
JP2012510650A5 JP2012510650A5 2012-09-13
JP5518865B2 JP5518865B2 (ja) 2014-06-11

Family

ID=41722206

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2011525050A Active JP5518865B2 (ja) 2008-08-28 2009-07-31 Protecting a virtual guest machine from attacks by an infected host

Country Status (5)

Country Link
US (1) US8954897B2 (en)
EP (1) EP2318975B1 (en)
JP (1) JP5518865B2 (ja)
CN (1) CN102132287B (zh)
WO (1) WO2010025007A2 (en)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9426179B2 (en) 2009-03-17 2016-08-23 Sophos Limited Protecting sensitive information from a secure data store
US9015789B2 (en) * 2009-03-17 2015-04-21 Sophos Limited Computer security lock down methods
US9621584B1 (en) * 2009-09-30 2017-04-11 Amazon Technologies, Inc. Standards compliance for computing data
US9087188B2 (en) * 2009-10-30 2015-07-21 Intel Corporation Providing authenticated anti-virus agents a direct access to scan memory
US8321940B1 (en) * 2010-04-30 2012-11-27 Symantec Corporation Systems and methods for detecting data-stealing malware
US9111079B2 (en) 2010-09-30 2015-08-18 Microsoft Technology Licensing, Llc Trustworthy device claims as a service
US9218461B2 (en) * 2010-12-01 2015-12-22 Cisco Technology, Inc. Method and apparatus for detecting malicious software through contextual convictions
US9088601B2 (en) 2010-12-01 2015-07-21 Cisco Technology, Inc. Method and apparatus for detecting malicious software through contextual convictions, generic signatures and machine learning techniques
US20120144489A1 (en) * 2010-12-07 2012-06-07 Microsoft Corporation Antimalware Protection of Virtual Machines
US20130031371A1 (en) * 2011-07-25 2013-01-31 Alcatel-Lucent Usa Inc. Software Run-Time Provenance
US8843915B2 (en) * 2011-07-28 2014-09-23 Hewlett-Packard Development Company, L.P. Signature-based update management
US8782351B2 (en) 2011-10-13 2014-07-15 International Business Machines Corporation Protecting memory of a virtual guest
US8788763B2 (en) 2011-10-13 2014-07-22 International Business Machines Corporation Protecting memory of a virtual guest
US9032520B2 (en) * 2012-02-22 2015-05-12 iScanOnline, Inc. Remote security self-assessment framework
US8839447B2 (en) * 2012-02-27 2014-09-16 Ca, Inc. System and method for virtual image security in a cloud environment
US9058504B1 (en) * 2013-05-21 2015-06-16 Malwarebytes Corporation Anti-malware digital-signature verification
GB2515757A (en) * 2013-07-02 2015-01-07 Ibm Managing virtual machine policy compliance
US9065854B2 (en) 2013-10-28 2015-06-23 Citrix Systems, Inc. Systems and methods for managing a guest virtual machine executing within a virtualized environment
US9762603B2 (en) * 2014-05-10 2017-09-12 Informatica Llc Assessment type-variable enterprise security impact analysis
US9851998B2 (en) 2014-07-30 2017-12-26 Microsoft Technology Licensing, Llc Hypervisor-hosted virtual machine forensics
US10425447B2 (en) * 2015-08-28 2019-09-24 International Business Machines Corporation Incident response bus for data security incidents
US9990222B2 (en) * 2016-03-18 2018-06-05 Airwatch Llc Enforcing compliance rules against hypervisor and virtual machine using host management component
US10142364B2 (en) * 2016-09-21 2018-11-27 Upguard, Inc. Network isolation by policy compliance evaluation
US10795991B1 (en) 2016-11-08 2020-10-06 Fireeye, Inc. Enterprise search
US10554492B2 (en) 2017-06-09 2020-02-04 Microsoft Technology Licensing, Llc Physical machine management in distributed computing systems
US11030057B2 (en) * 2018-07-06 2021-06-08 EMC IP Holding Company LLC System and method for critical virtual machine protection
US11604671B2 (en) 2020-03-19 2023-03-14 Red Hat, Inc. Secure virtual machine and peripheral device communication
US12494898B2 (en) 2022-08-31 2025-12-09 Red Hat, Inc. Secured peripheral device communication via bridge device in virtualized computer system

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6609199B1 (en) 1998-10-26 2003-08-19 Microsoft Corporation Method and apparatus for authenticating an open system application to a portable IC device
GB2376765B (en) 2001-06-19 2004-12-29 Hewlett Packard Co Multiple trusted computing environments with verifiable environment identities
GB2376764B (en) 2001-06-19 2004-12-29 Hewlett Packard Co Multiple trusted computing environments
US7127597B2 (en) * 2002-09-24 2006-10-24 Novell, Inc. Mechanism for controlling boot decisions from a network policy directory based on client profile information
US7370324B2 (en) 2003-09-30 2008-05-06 Intel Corporation Switching between a service virtual machine and a guest virtual machine in a virtual machine monitor environment
US20050132122A1 (en) 2003-12-16 2005-06-16 Rozas Carlos V. Method, apparatus and system for monitoring system integrity in a trusted computing environment
JP2007226277A (ja) 2004-04-02 2007-09-06 Matsushita Electric Ind Co Ltd Virtual machine tampering inspection method and virtual machine tampering inspection device
US7370166B1 (en) 2004-04-30 2008-05-06 Lexar Media, Inc. Secure portable storage device
AU2005222507B2 (en) 2004-10-15 2010-10-28 Microsoft Corporation Portable computing environment
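CN1885788B (zh) 2005-06-22 2010-05-05 杭州华三通信技术有限公司 Network security protection method and system
JP4889638B2 (ja) 2005-07-14 2012-03-07 パナソニック株式会社 Verification method, verification program, recording medium, information processing device, integrated circuit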
US20070074192A1 (en) 2005-08-30 2007-03-29 Geisinger Nile J Computing platform having transparent access to resources of a host platform
CN100437420C (zh) 2005-09-30 2008-11-26 联想(北京)有限公司 Computer system and security hardening method thereof
CN100420202C (zh) * 2005-10-20 2008-09-17 联想(北京)有限公司 Computer management system and computer management method
US20070257105A1 (en) 2006-04-24 2007-11-08 Encryptakey, Inc. Systems and methods for establishing a secure computing environment for performing online transactions
JP2009537892A (ja) 2006-05-18 2009-10-29 サンギュ イ Method for protecting client and server
US7743422B2 (en) 2006-08-21 2010-06-22 International Business Machines Corporation System and method for validating a computer platform when booting from an external device
US8510859B2 (en) 2006-09-26 2013-08-13 Intel Corporation Methods and arrangements to launch trusted, co-existing environments
US9015703B2 (en) 2006-10-17 2015-04-21 Manageiq, Inc. Enforcement of compliance policies in managed virtual systems
US8949825B1 (en) 2006-10-17 2015-02-03 Manageiq, Inc. Enforcement of compliance policies in managed virtual systems
US8099786B2 (en) 2006-12-29 2012-01-17 Intel Corporation Embedded mechanism for platform vulnerability assessment
US7765374B2 (en) 2007-01-25 2010-07-27 Microsoft Corporation Protecting operating-system resources
US8959568B2 (en) 2007-03-14 2015-02-17 Microsoft Corporation Enterprise security assessment sharing
CN100555298C (zh) 2007-06-08 2009-10-28 北京飞天诚信科技有限公司 Method and device for a virtual personal office environment
US8418173B2 (en) * 2007-11-27 2013-04-09 Manageiq, Inc. Locating an unauthorized virtual machine and bypassing locator code by adjusting a boot pointer of a managed virtual machine in authorized environment
US20090178131A1 (en) 2008-01-08 2009-07-09 Microsoft Corporation Globally distributed infrastructure for secure content management

Also Published As

Publication number Publication date
WO2010025007A3 (en) 2010-04-22
CN102132287A (zh) 2011-07-20
US20100058432A1 (en) 2010-03-04
CN102132287B (zh) 2015-02-11
JP2012510650A (ja) 2012-05-10
EP2318975A4 (en) 2013-11-20
EP2318975B1 (en) 2018-08-22
US8954897B2 (en) 2015-02-10
EP2318975A2 (en) 2011-05-11
WO2010025007A2 (en) 2010-03-04

Similar Documents

Publication Publication Date Title
JP5518865B2 (ja) Protecting a virtual guest machine from attacks by an infected host
US9674215B2 (en) Software program identification based on program behavior
US10587647B1 (en) Technique for malware detection capability comparison of network security devices
US8353036B2 (en) Method and system for protecting cross-domain interaction of a web application on an unmodified browser
US8572750B2 (en) Web application exploit mitigation in an information technology environment
US20090165132A1 (en) System and method for security agent monitoring and protection
EP4341841B1 (en) Automated interpreted application control for workloads
US20100175108A1 (en) Method and system for securing virtual machines by restricting access in connection with a vulnerability audit
US9183377B1 (en) Unauthorized account monitoring system and method
US20100199351A1 (en) Method and system for securing virtual machines by restricting access in connection with a vulnerability audit
US20090271863A1 (en) Identifying unauthorized privilege escalations
EP2998901B1 (en) Unauthorized-access detection system and unauthorized-access detection method
EP3430556A1 (en) System and method for process hollowing detection
Zeng et al. Full-stack vulnerability analysis of the cloud-native platform
US12132759B2 (en) Inline package name based supply chain attack detection and prevention
US11729176B2 (en) Monitoring and preventing outbound network connections in runtime applications
US7886065B1 (en) Detecting reboot events to enable NAC reassessment
US20070294699A1 (en) Conditionally reserving resources in an operating system
US8862730B1 (en) Enabling NAC reassessment based on fingerprint change
US20120174206A1 (en) Secure computing environment
US12292966B2 (en) Systems and methods for folder and file sequestration
US20160197946A1 (en) System and Method for Monitoring a Computer System Using Machine Interpretable Code
Ramachandran et al. New Client Virtualization Usage Models Using Intel Virtualization Technology.
RU2839575C1 (ru) Method and system for network access control
US20240205248A1 (en) Monitoring tool for detecting violations of device behavior constraints

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20120724

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20120724

RD03 Notification of appointment of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7423

Effective date: 20130701

RD04 Notification of resignation of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7424

Effective date: 20130718

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20131030

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20131114

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140212

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20140304

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20140402

R150 Certificate of patent or registration of utility model

Ref document number: 5518865

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

RD02 Notification of acceptance of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: R3D02