SG11201505931RA - Memory introspection engine for integrity protection of virtual machines - Google Patents

Memory introspection engine for integrity protection of virtual machines

Info

Publication number
SG11201505931RA
SG11201505931RA SG11201505931RA SG11201505931RA SG11201505931RA SG 11201505931R A SG11201505931R A SG 11201505931RA SG 11201505931R A SG11201505931R A SG 11201505931RA SG 11201505931R A SG11201505931R A SG 11201505931RA SG 11201505931R A SG11201505931R A SG 11201505931RA
Authority
SG
Singapore
Prior art keywords
virtual machines
integrity protection
introspection engine
memory introspection
memory
Prior art date
Application number
SG11201505931RA
Other languages
English (en)
Inventor
Andrei-Vlad Luţas
Sandor Lukacs
Dan-Horea Luţaş
Original Assignee
Bitdefender Ipr Man Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bitdefender Ipr Man Ltd filed Critical Bitdefender Ipr Man Ltd
Publication of SG11201505931RA publication Critical patent/SG11201505931RA/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0877Cache access modes
    • G06F12/0882Page mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/109Address translation for multiple virtual address spaces, e.g. segmentation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1466Key-lock mechanism
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45591Monitoring or debugging support

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Databases & Information Systems (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
SG11201505931RA 2013-02-22 2014-02-04 Memory introspection engine for integrity protection of virtual machines SG11201505931RA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/774,720 US8875295B2 (en) 2013-02-22 2013-02-22 Memory introspection engine for integrity protection of virtual machines
PCT/RO2014/000006 WO2014129918A1 (en) 2013-02-22 2014-02-04 Memory introspection engine for integrity protection of virtual machines

Publications (1)

Publication Number Publication Date
SG11201505931RA true SG11201505931RA (en) 2015-09-29

Family

ID=50389476

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11201505931RA SG11201505931RA (en) 2013-02-22 2014-02-04 Memory introspection engine for integrity protection of virtual machines

Country Status (13)

Country Link
US (1) US8875295B2 (de)
EP (1) EP2959392B1 (de)
JP (1) JP6218859B2 (de)
KR (1) KR101863174B1 (de)
CN (1) CN105190570B (de)
AU (1) AU2014219466B2 (de)
CA (1) CA2897747C (de)
ES (1) ES2873229T3 (de)
HK (1) HK1214663A1 (de)
IL (1) IL239855B (de)
RU (1) RU2640300C2 (de)
SG (1) SG11201505931RA (de)
WO (1) WO2014129918A1 (de)

Families Citing this family (108)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8989705B1 (en) 2009-06-18 2015-03-24 Sprint Communications Company L.P. Secure placement of centralized media controller application in mobile access terminal
US9239909B2 (en) * 2012-01-25 2016-01-19 Bromium, Inc. Approaches for protecting sensitive data within a guest operating system
US9027102B2 (en) 2012-05-11 2015-05-05 Sprint Communications Company L.P. Web server bypass of backend process on near field communications and secure element chips
US9282898B2 (en) 2012-06-25 2016-03-15 Sprint Communications Company L.P. End-to-end trusted communications infrastructure
US9066230B1 (en) 2012-06-27 2015-06-23 Sprint Communications Company L.P. Trusted policy and charging enforcement function
US8649770B1 (en) 2012-07-02 2014-02-11 Sprint Communications Company, L.P. Extended trusted security zone radio modem
US8667607B2 (en) 2012-07-24 2014-03-04 Sprint Communications Company L.P. Trusted security zone access to peripheral devices
US9183412B2 (en) 2012-08-10 2015-11-10 Sprint Communications Company L.P. Systems and methods for provisioning and using multiple trusted security zones on an electronic device
US10187452B2 (en) 2012-08-23 2019-01-22 TidalScale, Inc. Hierarchical dynamic scheduling
US8954588B1 (en) 2012-08-25 2015-02-10 Sprint Communications Company L.P. Reservations in real-time brokering of digital content delivery
US9015068B1 (en) 2012-08-25 2015-04-21 Sprint Communications Company L.P. Framework for real-time brokering of digital content delivery
US9215180B1 (en) 2012-08-25 2015-12-15 Sprint Communications Company L.P. File retrieval in real-time brokering of digital content
US9161227B1 (en) 2013-02-07 2015-10-13 Sprint Communications Company L.P. Trusted signaling in long term evolution (LTE) 4G wireless communication
US9578664B1 (en) 2013-02-07 2017-02-21 Sprint Communications Company L.P. Trusted signaling in 3GPP interfaces in a network function virtualization wireless communication system
US9104840B1 (en) 2013-03-05 2015-08-11 Sprint Communications Company L.P. Trusted security zone watermark
US9075995B2 (en) * 2013-03-11 2015-07-07 Microsoft Technology Licensing, Llc Dynamically loaded measured environment for secure code launch
US9335886B2 (en) * 2013-03-13 2016-05-10 Assured Information Security, Inc. Facilitating user interaction with multiple domains while preventing cross-domain transfer of data
US9613208B1 (en) * 2013-03-13 2017-04-04 Sprint Communications Company L.P. Trusted security zone enhanced with trusted hardware drivers
US9049186B1 (en) 2013-03-14 2015-06-02 Sprint Communications Company L.P. Trusted security zone re-provisioning and re-use capability for refurbished mobile devices
US9049013B2 (en) 2013-03-14 2015-06-02 Sprint Communications Company L.P. Trusted security zone containers for the protection and confidentiality of trusted service manager data
US9021585B1 (en) 2013-03-15 2015-04-28 Sprint Communications Company L.P. JTAG fuse vulnerability determination and protection using a trusted execution environment
US9191388B1 (en) 2013-03-15 2015-11-17 Sprint Communications Company L.P. Trusted security zone communication addressing on an electronic device
US8984592B1 (en) 2013-03-15 2015-03-17 Sprint Communications Company L.P. Enablement of a trusted security zone authentication for remote mobile device management systems and methods
US9374363B1 (en) 2013-03-15 2016-06-21 Sprint Communications Company L.P. Restricting access of a portable communication device to confidential data or applications via a remote network based on event triggers generated by the portable communication device
US9324016B1 (en) 2013-04-04 2016-04-26 Sprint Communications Company L.P. Digest of biographical information for an electronic device with static and dynamic portions
US9454723B1 (en) 2013-04-04 2016-09-27 Sprint Communications Company L.P. Radio frequency identity (RFID) chip electrically and communicatively coupled to motherboard of mobile communication device
US9171243B1 (en) 2013-04-04 2015-10-27 Sprint Communications Company L.P. System for managing a digest of biographical information stored in a radio frequency identity chip coupled to a mobile communication device
US9838869B1 (en) 2013-04-10 2017-12-05 Sprint Communications Company L.P. Delivering digital content to a mobile device via a digital rights clearing house
US9443088B1 (en) 2013-04-15 2016-09-13 Sprint Communications Company L.P. Protection for multimedia files pre-downloaded to a mobile device
US9069952B1 (en) 2013-05-20 2015-06-30 Sprint Communications Company L.P. Method for enabling hardware assisted operating system region for safe execution of untrusted code using trusted transitional memory
US9560519B1 (en) 2013-06-06 2017-01-31 Sprint Communications Company L.P. Mobile communication device profound identity brokering framework
US9183606B1 (en) 2013-07-10 2015-11-10 Sprint Communications Company L.P. Trusted processing location within a graphics processing unit
US9208339B1 (en) 2013-08-12 2015-12-08 Sprint Communications Company L.P. Verifying Applications in Virtual Environments Using a Trusted Security Zone
WO2015030746A1 (en) * 2013-08-28 2015-03-05 Empire Technology Development, Llc Virtual machine exit analyzer
CN105683985B (zh) * 2013-10-29 2018-12-21 慧与发展有限责任合伙企业 用于虚拟机内省的系统、方法及非暂时性计算机可读介质
US9185626B1 (en) 2013-10-29 2015-11-10 Sprint Communications Company L.P. Secure peer-to-peer call forking facilitated by trusted 3rd party voice server provisioning
US9191522B1 (en) 2013-11-08 2015-11-17 Sprint Communications Company L.P. Billing varied service based on tier
US9161325B1 (en) 2013-11-20 2015-10-13 Sprint Communications Company L.P. Subscriber identity module virtualization
US9118655B1 (en) 2014-01-24 2015-08-25 Sprint Communications Company L.P. Trusted display and transmission of digital ticket documentation
US9733976B2 (en) * 2014-03-27 2017-08-15 Barkly Protects, Inc. Method and apparatus for SYSRET monitoring of system interactions
US10078752B2 (en) 2014-03-27 2018-09-18 Barkly Protects, Inc. Continuous malicious software identification through responsive machine learning
EP3123390A4 (de) * 2014-03-27 2017-10-25 Barkly Protects, Inc. Identifizierung schädlicher software mit verhaltensanalyse und hardwareereignissen
US9226145B1 (en) 2014-03-28 2015-12-29 Sprint Communications Company L.P. Verification of mobile device integrity during activation
US9973531B1 (en) * 2014-06-06 2018-05-15 Fireeye, Inc. Shellcode detection
US9230085B1 (en) 2014-07-29 2016-01-05 Sprint Communications Company L.P. Network based temporary trust extension to a remote or mobile device enabled via specialized cloud services
US20160062655A1 (en) * 2014-08-28 2016-03-03 Endgame, Inc. System and Method for Improved Memory Allocation in a Computer System
US9600664B1 (en) * 2014-09-03 2017-03-21 Amazon Technologies, Inc. Monitoring execution environments for approved configurations
EP3191943B1 (de) * 2014-09-10 2022-08-17 Irdeto B.V. Speicherprivileg eines computersystems
US9860208B1 (en) 2014-09-30 2018-01-02 Palo Alto Networks, Inc. Bridging a virtual clone of a target device in a honey network to a suspicious device in an enterprise network
US9882929B1 (en) 2014-09-30 2018-01-30 Palo Alto Networks, Inc. Dynamic selection and generation of a virtual clone for detonation of suspicious content within a honey network
US9495188B1 (en) 2014-09-30 2016-11-15 Palo Alto Networks, Inc. Synchronizing a honey network configuration to reflect a target network environment
US9716727B1 (en) 2014-09-30 2017-07-25 Palo Alto Networks, Inc. Generating a honey network configuration to emulate a target network environment
US10044675B1 (en) 2014-09-30 2018-08-07 Palo Alto Networks, Inc. Integrating a honey network with a target network to counter IP and peer-checking evasion techniques
US9921979B2 (en) 2015-01-14 2018-03-20 Red Hat Israel, Ltd. Position dependent code in virtual machine functions
US9779232B1 (en) 2015-01-14 2017-10-03 Sprint Communications Company L.P. Trusted code generation and verification to prevent fraud from maleficent external devices that capture data
US9189630B1 (en) 2015-01-21 2015-11-17 AO Kaspersky Lab Systems and methods for active operating system kernel protection
US9838868B1 (en) 2015-01-26 2017-12-05 Sprint Communications Company L.P. Mated universal serial bus (USB) wireless dongles configured with destination addresses
US9600190B2 (en) 2015-02-27 2017-03-21 Red Hat Israel, Ltd. Virtual machine functions for multiple privileged pages
US9473945B1 (en) 2015-04-07 2016-10-18 Sprint Communications Company L.P. Infrastructure for secure short message transmission
US10515014B1 (en) 2015-06-10 2019-12-24 EMC IP Holding Company LLC Non-uniform memory access (NUMA) mechanism for accessing memory with cache coherence
US10503416B1 (en) 2015-06-10 2019-12-10 EMC IP Holdings Company LLC Flash memory complex with a replication interface to replicate data to another flash memory complex of a data processing system
US10496284B1 (en) * 2015-06-10 2019-12-03 EMC IP Holding Company LLC Software-implemented flash translation layer policies in a data processing system
US10713334B1 (en) 2015-06-10 2020-07-14 EMC IP Holding Company LLC Data processing system with a scalable architecture over ethernet
US11010054B1 (en) 2015-06-10 2021-05-18 EMC IP Holding Company LLC Exabyte-scale data processing system
US10496626B2 (en) 2015-06-11 2019-12-03 EB Storage Systems Ltd. Deduplication in a highly-distributed shared topology with direct-memory-access capable interconnect
US10642753B1 (en) 2015-06-30 2020-05-05 Fireeye, Inc. System and method for protecting a software component running in virtual machine using a virtualization layer
US11113086B1 (en) 2015-06-30 2021-09-07 Fireeye, Inc. Virtual system and method for securing external network connectivity
US10395029B1 (en) * 2015-06-30 2019-08-27 Fireeye, Inc. Virtual system and method with threat protection
US10726127B1 (en) 2015-06-30 2020-07-28 Fireeye, Inc. System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer
US9819679B1 (en) 2015-09-14 2017-11-14 Sprint Communications Company L.P. Hardware assisted provenance proof of named data networking associated to device data, addresses, services, and servers
RU2609761C1 (ru) * 2015-09-30 2017-02-02 Акционерное общество "Лаборатория Касперского" Способ выполнения кода в режиме гипервизора
US10222632B2 (en) 2015-10-01 2019-03-05 Verily Life Sciences Llc Lens-to-lens communication for contact lenses
US10281743B2 (en) 2015-10-01 2019-05-07 Verily Life Sciences Llc Eye convergence detection with contact lenses
KR102513961B1 (ko) * 2015-11-11 2023-03-27 삼성전자주식회사 멀티 운영시스템을 지닌 전자장치 및 이의 동적 메모리 관리 방법
US10282719B1 (en) 2015-11-12 2019-05-07 Sprint Communications Company L.P. Secure and trusted device-based billing and charging process using privilege for network proxy authentication and audit
US9817992B1 (en) 2015-11-20 2017-11-14 Sprint Communications Company Lp. System and method for secure USIM wireless network access
US9965313B2 (en) * 2016-01-05 2018-05-08 Bitdefender IPR Management Ltd. Systems and methods for auditing a virtual machine
US20210026950A1 (en) * 2016-03-07 2021-01-28 Crowdstrike, Inc. Hypervisor-based redirection of system calls and interrupt-based task offloading
US9842084B2 (en) 2016-04-05 2017-12-12 E8 Storage Systems Ltd. Write cache and write-hole recovery in distributed raid over shared multi-queue storage devices
US11379385B2 (en) * 2016-04-16 2022-07-05 Vmware, Inc. Techniques for protecting memory pages of a virtual computing instance
US10255088B2 (en) 2016-05-13 2019-04-09 Red Hat Israel, Ltd. Modification of write-protected memory using code patching
US10579421B2 (en) 2016-08-29 2020-03-03 TidalScale, Inc. Dynamic scheduling of virtual processors in a distributed system
KR101970176B1 (ko) * 2016-10-24 2019-04-17 주식회사 산엔지니어링 가상 플랫폼 기반의 통합 항해 시스템
US9798482B1 (en) * 2016-12-05 2017-10-24 Red Hat, Inc. Efficient and secure memory allocation in virtualized computer systems
US10635479B2 (en) * 2016-12-19 2020-04-28 Bitdefender IPR Management Ltd. Event filtering for virtual machine security applications
CN106844005B (zh) * 2016-12-29 2020-04-14 北京瑞星网安技术股份有限公司 基于虚拟化环境下的数据恢复方法及系统
US10031872B1 (en) * 2017-01-23 2018-07-24 E8 Storage Systems Ltd. Storage in multi-queue storage devices using queue multiplexing and access control
US10489185B2 (en) * 2017-03-17 2019-11-26 Nicira, Inc. Hypervisor-assisted approach for locating operating system data structures based on attribute matching
EP3379445B1 (de) 2017-03-22 2024-06-12 Diebold Nixdorf Systems GmbH System und verfahren zur erzeugung von verschlüsselungsschlüsseln basierend auf informationen von peripherievorrichtungen
US10579274B2 (en) 2017-06-27 2020-03-03 TidalScale, Inc. Hierarchical stalling strategies for handling stalling events in a virtualized environment
US10503904B1 (en) 2017-06-29 2019-12-10 Fireeye, Inc. Ransomware detection and mitigation
US10499249B1 (en) 2017-07-11 2019-12-03 Sprint Communications Company L.P. Data link layer trust signaling in communication network
US10742491B2 (en) 2017-07-20 2020-08-11 Vmware, Inc. Reducing initial network launch time of container applications
US10579439B2 (en) 2017-08-29 2020-03-03 Red Hat, Inc. Batched storage hinting with fast guest storage allocation
US10956216B2 (en) 2017-08-31 2021-03-23 Red Hat, Inc. Free page hinting with multiple page sizes
US10817347B2 (en) 2017-08-31 2020-10-27 TidalScale, Inc. Entanglement of pages and guest threads
US10565376B1 (en) 2017-09-11 2020-02-18 Palo Alto Networks, Inc. Efficient program deobfuscation through system API instrumentation
US10685010B2 (en) 2017-09-11 2020-06-16 Amazon Technologies, Inc. Shared volumes in distributed RAID over shared multi-queue storage devices
US10474382B2 (en) 2017-12-01 2019-11-12 Red Hat, Inc. Fast virtual machine storage allocation with encrypted storage
US10970390B2 (en) 2018-02-15 2021-04-06 Intel Corporation Mechanism to prevent software side channels
US10922096B2 (en) * 2018-02-28 2021-02-16 Vmware, Inc. Reducing subsequent network launch time of container applications
WO2020030268A1 (en) * 2018-08-08 2020-02-13 Huawei Technologies Co., Ltd. Apparatus and method for providing one time programmable memory features in a hypervisor of a computing device
US11436141B2 (en) 2019-12-13 2022-09-06 Red Hat, Inc. Free memory page hinting by virtual machines
US11271907B2 (en) 2019-12-19 2022-03-08 Palo Alto Networks, Inc. Smart proxy for a large scale high-interaction honeypot farm
US11265346B2 (en) 2019-12-19 2022-03-01 Palo Alto Networks, Inc. Large scale high-interactive honeypot farm
KR102370848B1 (ko) * 2020-11-17 2022-03-07 주식회사 시큐브 분할된 보안 모듈을 구비하는 컴퓨터 장치 및 보안 모듈 업데이트 방법
US20230128720A1 (en) * 2021-10-21 2023-04-27 Microsoft Technology Licensing, Llc Securely redirecting system service routines
WO2023069166A1 (en) * 2021-10-21 2023-04-27 Microsoft Technology Licensing, Llc Securely redirecting system service routines

Family Cites Families (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6851057B1 (en) * 1999-11-30 2005-02-01 Symantec Corporation Data driven detection of viruses
US6779099B2 (en) * 2001-07-20 2004-08-17 Chien-Tzu Hou Operation method for controlling access attributes of a memorized page of a memory unit and its structure
KR101044173B1 (ko) * 2003-03-06 2011-06-24 마이크로소프트 코포레이션 분산형 컴퓨팅 시스템상에서 분산형 애플리케이션들을 설계, 배포 및 관리하기 위한 방법 및 장치, 자원 관리자 및 컴퓨터 판독가능 기록 매체
WO2006012058A1 (en) * 2004-06-28 2006-02-02 Japan Communications, Inc. Systems and methods for mutual authentication of network
US7277999B1 (en) 2004-08-12 2007-10-02 Vmware, Inc. Restricting memory access to protect data when sharing a common address space
US7836504B2 (en) * 2005-03-01 2010-11-16 Microsoft Corporation On-access scan of memory for malware
US7380049B2 (en) 2005-09-06 2008-05-27 Intel Corporation Memory protection within a virtual partition
US20070067590A1 (en) * 2005-09-22 2007-03-22 Uday Savagaonkar Providing protected access to critical memory regions
GB0525871D0 (en) * 2005-12-20 2006-02-01 Symbian Software Ltd Malicious software detecting in a computing device
US20140373144A9 (en) * 2006-05-22 2014-12-18 Alen Capalik System and method for analyzing unauthorized intrusion into a computer network
US7822941B2 (en) 2006-06-05 2010-10-26 Oracle America, Inc. Function-based virtual-to-physical address translation
US20080320594A1 (en) * 2007-03-19 2008-12-25 Xuxian Jiang Malware Detector
US7657695B1 (en) 2007-05-30 2010-02-02 Paravirtual Corporation Efficient processing of memory accesses to virtual hardware using runtime code patching
US7797748B2 (en) * 2007-12-12 2010-09-14 Vmware, Inc. On-access anti-virus mechanism for virtual machine architecture
US8839237B2 (en) * 2007-12-31 2014-09-16 Intel Corporation Method and apparatus for tamper resistant communication in a virtualization enabled platform
US8510828B1 (en) * 2007-12-31 2013-08-13 Symantec Corporation Enforcing the execution exception to prevent packers from evading the scanning of dynamically created code
US8104089B1 (en) * 2007-12-31 2012-01-24 Symantec Corporation Tracking memory mapping to prevent packers from evading the scanning of dynamically created code
JP4783392B2 (ja) * 2008-03-31 2011-09-28 株式会社東芝 情報処理装置および障害回復方法
EP2286333A4 (de) 2008-06-05 2012-08-08 Neocleus Israel Ltd Sicherer mehrzweck-computerclient
US8381288B2 (en) * 2008-09-30 2013-02-19 Intel Corporation Restricted component access to application memory
RU2406138C1 (ru) * 2009-06-18 2010-12-10 Корпорация "САМСУНГ ЭЛЕКТРОНИКС Ко., Лтд." Система безопасности виртуализованной компьютерной системы
US8397242B1 (en) * 2009-06-30 2013-03-12 Symantec Corporation System and method for managing operations within virtual machines
US8838913B1 (en) * 2009-09-15 2014-09-16 Symantec Corporation System and method for locating a memory page in a guest virtual machine
US8327059B2 (en) 2009-09-30 2012-12-04 Vmware, Inc. System and method to enhance memory protection for programs in a virtual machine environment
US8209510B1 (en) 2010-01-13 2012-06-26 Juniper Networks, Inc. Secure pool memory management
US8474039B2 (en) * 2010-01-27 2013-06-25 Mcafee, Inc. System and method for proactive detection and repair of malware memory infection via a remote memory reputation system
US20120240224A1 (en) * 2010-09-14 2012-09-20 Georgia Tech Research Corporation Security systems and methods for distinguishing user-intended traffic from malicious traffic
CN103154961A (zh) * 2010-09-30 2013-06-12 惠普发展公司,有限责任合伙企业 用于病毒扫描的虚拟机
KR101213572B1 (ko) * 2010-12-03 2012-12-18 한국과학기술원 하이퍼바이저를 활용한 사용자 어플리케이션 메모리 보호방법
US8490090B2 (en) * 2011-02-17 2013-07-16 International Business Machines Corporation Multilevel support in a nested virtualization environment
US20120331465A1 (en) 2011-03-02 2012-12-27 Tadao Tanikawa Virtual machine system, virtual machine control method, virtual machine control application, and semiconductor integrated circuit
US8307169B2 (en) 2011-03-10 2012-11-06 Safenet, Inc. Protecting guest virtual machine memory
US20120254993A1 (en) 2011-03-28 2012-10-04 Mcafee, Inc. System and method for virtual machine monitor based anti-malware security
US8893124B2 (en) 2011-03-31 2014-11-18 Intel Corporation Method, apparatus and system for limiting access to virtualization information in a memory
US20140053272A1 (en) * 2012-08-20 2014-02-20 Sandor Lukacs Multilevel Introspection of Nested Virtual Machines
US8656482B1 (en) * 2012-08-20 2014-02-18 Bitdefender IPR Management Ltd. Secure communication using a trusted virtual machine
US9043653B2 (en) * 2012-08-31 2015-05-26 International Business Machines Corporation Introspection of software program components and conditional generation of memory dump
US8910238B2 (en) * 2012-11-13 2014-12-09 Bitdefender IPR Management Ltd. Hypervisor-based enterprise endpoint protection
US10572665B2 (en) * 2012-12-28 2020-02-25 Fireeye, Inc. System and method to create a number of breakpoints in a virtual machine via virtual machine trapping events
US20140259169A1 (en) * 2013-03-11 2014-09-11 Hewlett-Packard Development Company, L.P. Virtual machines

Also Published As

Publication number Publication date
AU2014219466B2 (en) 2018-11-22
US8875295B2 (en) 2014-10-28
KR101863174B1 (ko) 2018-05-31
RU2640300C2 (ru) 2017-12-27
CA2897747A1 (en) 2014-08-28
CN105190570A (zh) 2015-12-23
HK1214663A1 (zh) 2016-07-29
ES2873229T3 (es) 2021-11-03
AU2014219466A1 (en) 2015-08-06
EP2959392A1 (de) 2015-12-30
KR20150118957A (ko) 2015-10-23
IL239855B (en) 2018-07-31
US20140245444A1 (en) 2014-08-28
JP6218859B2 (ja) 2017-10-25
WO2014129918A1 (en) 2014-08-28
IL239855A0 (en) 2015-08-31
CA2897747C (en) 2019-12-31
RU2015135541A (ru) 2017-03-30
EP2959392B1 (de) 2021-03-31
CN105190570B (zh) 2018-02-13
JP2016511903A (ja) 2016-04-21

Similar Documents

Publication Publication Date Title
HK1214663A1 (zh) 用於虛擬機器的完整性保護的存儲器自省引擎
SG11201505652UA (en) Secure virtual machine migration
HK1226212A1 (zh) 無需緩衝存儲器的虛擬路由
EP3063624A4 (de) Introspektionseinrichtungen für virtuelle maschine
EP2815349A4 (de) Vertrauenswürdige quellen zur messung von virtuellen maschinen
GB2508553B (en) Protecting memory of a virtual guest
GB201312422D0 (en) Virtual Machine Backup
EP2987282A4 (de) Virtuelle maschinenmigration
SG11201600694WA (en) Virtual computing instance migration
GB2503470B (en) Memory protection
HK1210704A1 (en) Compositions for sensitive skin
SG11201508971UA (en) User-influenced placement of virtual machine instances
SG11201507019QA (en) Application marketplace for virtual desktops
SG11201505651WA (en) Secure interface for invoking privileged operations
IL243122B (en) Introducing a page fault in virtual machines
EP3059929A4 (de) Verfahren zur erfassung der physikalischen adresse einer virtuellen maschine
EP2979211A4 (de) Schutz einer softwareanwendung
GB201320537D0 (en) Virtual machine backup
EP2684123A4 (de) Implementierung von tlb-synchronisation für systeme mit gemeinsam genutztem virtuellem speicher zwischen prozessoren
EP2936318A4 (de) Speicherzuordnung für virtuelle maschinen mit speicherabbild
EP2972853A4 (de) Integritätsüberwachung für geschichtete virtuelle maschinen
EP3063692A4 (de) Introspektion einer virtuellen maschine
GB201304912D0 (en) Virtual machine image disk usage
GB201312417D0 (en) Virtual Machine Backup
GB2512302B (en) Animation of a virtual object