Invention Grant
US08973144B2 System and method for kernel rootkit protection in a hypervisor environment
有权
管理程序环境中的内核rootkit保护的系统和方法
- Patent Title: System and method for kernel rootkit protection in a hypervisor environment
- Patent Title (中): 管理程序环境中的内核rootkit保护的系统和方法
-
Application No.: US13272830Application Date: 2011-10-13
-
Publication No.: US08973144B2Publication Date: 2015-03-03
- Inventor: Amit Dang , Preet Mohinder , Vivek Srivastava
- Applicant: Amit Dang , Preet Mohinder , Vivek Srivastava
- Applicant Address: US CA Santa Clara
- Assignee: McAfee, Inc.
- Current Assignee: McAfee, Inc.
- Current Assignee Address: US CA Santa Clara
- Agency: Patent Capital Group
- Main IPC: G06F11/00
- IPC: G06F11/00 ; H04L29/06 ; G06F12/14 ; G06F21/55
Abstract:
A method includes creating a soft whitelist having an entry corresponding to a first guest kernel page in a guest operating system (OS) in a hypervisor environment including a hypervisor. The method also includes receiving an access attempt to a second guest kernel page, and generating a page fault when the access attempt is made to the second guest kernel page. In addition, the method includes determining that the second guest kernel page does not correspond to the entry in the soft whitelist, and denying an execution of the second guest kernel page if the second guest kernel page does not correspond to the entry in the soft whitelist.
Public/Granted literature
- US20130097355A1 SYSTEM AND METHOD FOR KERNEL ROOTKIT PROTECTION IN A HYPERVISOR ENVIRONMENT Public/Granted day:2013-04-18
Information query
