Invention Grant
- Patent Title: VMM-based intrusion detection system
- Patent Title (中): 基于VMM的入侵检测系统
-
Application No.: US12865795Application Date: 2009-02-02
-
Publication No.: US08719936B2Publication Date: 2014-05-06
- Inventor: Micha Moffie , David Kaeli , Aviram Cohen , Javed Aslam , Malak Alshawabkeh , Jennifer Dy , Fatemeh Azmandian
- Applicant: Micha Moffie , David Kaeli , Aviram Cohen , Javed Aslam , Malak Alshawabkeh , Jennifer Dy , Fatemeh Azmandian
- Applicant Address: US MA Boston
- Assignee: Northeastern University
- Current Assignee: Northeastern University
- Current Assignee Address: US MA Boston
- Agency: Wilmer Cutler Pickering Hale and Dorr LLP
- International Application: PCT/US2009/032858 WO 20090202
- International Announcement: WO2009/097610 WO 20090806
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
An intrusion detection system collects architectural level events from a Virtual Machine Monitor where the collected events represent operation of a corresponding Virtual Machine. The events are consolidated into features that are compared with features from a known normal operating system. If an amount of any differences between the collected features and the normal features exceeds a threshold value, a compromised Virtual Machine may be indicated. The comparison thresholds are determined by training on normal and abnormal systems and analyzing the collected events with machine learning algorithms to arrive at a model of normal operation.
Public/Granted literature
- US20110004935A1 VMM-BASED INTRUSION DETECTION SYSTEM Public/Granted day:2011-01-06
Information query
