Impeding Progress of Malicious Guest Software
First Claim
Patent Images
1. A method of operating a virtualization system, the method comprising:
- instantiating a virtualization system on an underlying hardware machine, the virtualization system exposing a virtual machine in which multiple execution contexts of a guest execute;
monitoring the execution contexts from the virtualization system; and
selectively impeding computational progress of a particular one of the execution contexts.
2 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention is a method of operating a virtualization system, the method including: (a) instantiating a virtualization system on an underlying hardware machine, the virtualization system exposing a virtual machine in which multiple execution contexts of a guest execute; (b) monitoring the execution contexts from the virtualization system; and (c) selectively impeding computational progress of a particular one of the execution contexts.
-
Citations
46 Claims
-
1. A method of operating a virtualization system, the method comprising:
-
instantiating a virtualization system on an underlying hardware machine, the virtualization system exposing a virtual machine in which multiple execution contexts of a guest execute; monitoring the execution contexts from the virtualization system; and selectively impeding computational progress of a particular one of the execution contexts. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
- 29. A computational system that, from behind a virtualization barrier, selectively impedes progress of a malicious context executing within an exposed virtual machine without substantially impeding progress of other execution contexts executing therein.
-
35. An apparatus comprising:
-
a hardware machine; virtualization software encoded in one or more media accessible to the hardware machine and executable to expose at least one virtual machine using resources of the hardware machine; and guest software encoded in one or more media accessible to the virtual machine, the guest software executable on an exposed virtual machine, wherein the virtualization software includes code executable on the hardware machine to selectively impede, from behind a virtualization barrier and without cooperation of the guest software, progress of a malicious context executing within the exposed virtual machine. - View Dependent Claims (36, 37, 38)
-
-
39. A computer program product comprising:
one or more functional sequences executable as, or in conjunction with, a virtualization system to selectively impede, from behind a virtualization barrier and without cooperation of guest software, progress of a malicious context executing within a virtual machine exposed by the virtualization system. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46)
Specification