Server evidence-obtaining method based on virtual machine introspection

A virtual machine and server technology, applied in the information field

Inactive Publication Date: 2018-11-13
湖南文盾智链科技有限公司

AI Technical Summary

Problems solved by technology

Although virtual machine introspection can obtain the internal information of a virtual machine from the outside, it still has defects that cannot be ignored: extracting useful internal information about the operating system from a large amount of underlying data is not an easy task.
At the same time, it is not difficult to see from the above two main methods that, because of their inherent defects, there are still difficulties and deficiencies in applying them in the field of forensic analysis.


Embodiment Construction

[0084] The embodiments of the present invention will be described in detail below with reference to the accompanying drawings, but the present invention can be implemented in various ways defined and covered by the claims.

[0085] Referring to Figure 1 to Figure 4, the specific steps of a server forensics method based on virtual machine introspection are as follows:

[0086] S1. Obtain the status information of the customer virtual machine, store the compressed file of the status information in the database and send it to a third party for forensic analysis;

[0087] S2. Perform forensic analysis on the target virtual machine state information file transmitted by the cloud computing provider;

[0088] S3. Issue a standardized test report and give feedback on the test results.

[0089] Wherein, step S1 utilizes the privileged attributes and built-in functions of the virtual machine monitor to perform a memory dump of the memory of the target virtual machine to generate a memory dump ...
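
The hand-off between S1 and S2, sketched as an added example that is not code from the patent: the provider compresses the state dump and stores it in a database with digests, and the analyst refuses to analyse a file whose digests no longer match. SQLite, SHA-256, the table layout and the function names are assumptions chosen for illustration; the page names none of them.

```python
# Assumptions (not in the patent text): SQLite as the database, SHA-256 digests.
import gzip
import hashlib
import sqlite3
import time


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def store_evidence(db: sqlite3.Connection, vm_id: str, dump: bytes) -> int:
    """Provider side (S1): compress the state dump and store it with its digests."""
    db.execute(
        "CREATE TABLE IF NOT EXISTS evidence (id INTEGER PRIMARY KEY, vm_id TEXT, "
        "acquired_at REAL, raw_sha256 TEXT, blob_sha256 TEXT, payload BLOB)"
    )
    blob = gzip.compress(dump, mtime=0)  # fixed mtime keeps the output deterministic
    cur = db.execute(
        "INSERT INTO evidence (vm_id, acquired_at, raw_sha256, blob_sha256, payload) "
        "VALUES (?, ?, ?, ?, ?)",
        (vm_id, time.time(), sha256(dump), sha256(blob), blob),
    )
    db.commit()
    return cur.lastrowid


def load_verified(db: sqlite3.Connection, evidence_id: int) -> bytes:
    """Analyst side (S2): return the dump only if both recorded digests match."""
    row = db.execute(
        "SELECT raw_sha256, blob_sha256, payload FROM evidence WHERE id = ?",
        (evidence_id,),
    ).fetchone()
    if row is None:
        raise KeyError(f"no evidence record {evidence_id}")
    raw_digest, blob_digest, blob = row
    if sha256(blob) != blob_digest:
        raise ValueError("compressed file altered in storage or transit")
    dump = gzip.decompress(blob)
    if sha256(dump) != raw_digest:
        raise ValueError("decompressed dump does not match acquisition digest")
    return dump


if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    sample = b"\x00" * 4096 + b"constructed guest memory"  # constructed stand-in dump
    eid = store_evidence(db, "vm-example-01", sample)
    print(eid, len(load_verified(db, eid)))
```

Here the digests sit in the same database as the compressed file, so they only catch accidental or partial modification; recording them outside the database or signing them is needed to detect someone who can rewrite both.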


Abstract

The invention provides a server evidence-obtaining method based on virtual machine introspection. The internal information and state of a virtual machine are analyzed quickly while ensuring the privacy of the cloud tenant; when a tenant's virtual machine is damaged, the method meets the cloud computing platform's demands for accurate and fast evidence-obtaining analysis of that virtual machine. The method assists fast and reliable evidence-obtaining for virtual machines on a server in the virtualized environment of a cloud computing platform: when a cloud service user realizes that their own virtual machine is abnormal, the user notifies the cloud service provider and requests evidence-obtaining analysis.

Description

Technical field

[0001] The present invention relates to the field of information technology, in particular to a server forensics method based on virtual machine introspection.

Background

[0002] With the rapid development of cloud computing technology, the information industry has entered the "cloud era". In an ordinary network environment where intrusions and attacks occur, when cloud service users are attacked or find that their systems are abnormal, enabling cloud service providers to analyze the condition of those systems becomes an urgent problem in the field of cloud computing security. Due to the characteristics of cloud computing itself, the underlying equipment is transparent to users, so the security of cloud computing platforms is the issue of most concern to cloud service users. Cloud service users have high security requirements. In addition to deploying corresponding security devices to resist various attacks, cloud ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F9/455, G06F11/14, G06F21/62, G06F21/64
CPC: G06F9/45558, G06F11/1448, G06F21/6245, G06F21/64, H04L9/3239
Inventor: 任江春
Owner: 湖南文盾智链科技有限公司