Title:
Systems And Methods For Secure In-vm Monitoring
Systems And Methods For Secure In-vm Monitoring
Files
Author(s)
Advisor(s)
Editor(s)
Collections
Supplementary to
Permanent Link
Abstract
Security systems can provide secure and efficient in-VM monitoring. An exemplary security system can be built upon hardware virtualization features and can comprise a virtual machine having a plurality of standard virtual address spaces, as well as a hidden virtual address space. While the standard virtual address spaces can be directly accessible by a kernel in the virtual machine, the hidden virtual address space can be hidden from the kernel, which can be absent a virtual page table corresponding to the hidden virtual address space. A security monitor can reside in the hidden address space, monitoring the kernel without being modifiable by the kernel. A processor can transfer focus from the standard virtual address spaces to the hidden virtual address space only through predetermined entry gates, and the processor can transfer focus from the hidden virtual address space to the standard virtual address spaces only through predetermined exit gates.
Sponsor
Date Issued
9/8/2015
Extent
Resource Type
Text
Resource Subtype
Patent