Fight-through nodes with disposable virtual machines and rollback of persistent state

US 8,839,426 B1
Filed: 08/29/2013
Issued: 09/16/2014
Est. Priority Date: 08/08/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a computing system, a plurality of messages from one or more client computing devices, each of the plurality of messages corresponding to a transaction in a plurality of transactions;

for each respective transaction in the plurality of transactions;

initializing, by the computing system and from a common template that has been determined to be free of malware infection, a respective one of a plurality of virtual machines that execute at one or more computing devices of the computing system, wherein initializing comprises initializing an instance of an application on the respective virtual machine in accordance with application state stored within a shared database;

wherein the plurality of messages includes a request to initiate a respective communication session between the computing system and a particular client computing device among the one or more client computing devices;

in response to receiving the request to initiate the respective communication session, assigning, by the computing system, the respective transaction to the respective virtual machine from the plurality of virtual machines, wherein the respective transaction is the first transaction assigned to the respective virtual machine;

generating, by the respective virtual machine, as part of the respective virtual machine completing the respective transaction, a database modification request associated with the respective transaction;

performing a modification to the shared database in response to the database modification request associated with the respective transaction, wherein the database modification request requests modification, within the shared database, of the application state for the application running on the respective virtual machine, and wherein the shared database is persisted independently of the plurality of virtual machines;

generating checkpoint data associated with the respective transaction;

in response to determining that processing of the respective transaction is complete upon detecting termination of the respective communication session, discarding, by the computing system, the respective virtual machine; and

in response to determining that the respective transaction is associated with a cyber-attack, using the checkpoint data associated with the respective transaction to roll back the modification to the shared database performed in response to the database modification request associated with the respective transaction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server system receives messages from client computing devices. Each of the messages corresponds to a transaction. The server system assigns each respective transaction to a respective fresh virtual machine. Furthermore, the server system performs, as part of a respective virtual machine processing a respective transaction, a modification associated with the respective transaction to a shared database. The shared database is persisted independently of the plurality of virtual machines. In response to determining that processing of the respective transaction is complete, the server system discards the respective virtual machine. In response to determining that the respective transaction is associated with a cyber-attack, the server system uses checkpoint data associated with the respective transaction to roll back the modifications associated with the respective transaction to the shared database.

Citations

20 Claims

1. A method comprising:
- receiving, by a computing system, a plurality of messages from one or more client computing devices, each of the plurality of messages corresponding to a transaction in a plurality of transactions;
  
  for each respective transaction in the plurality of transactions;
  
  initializing, by the computing system and from a common template that has been determined to be free of malware infection, a respective one of a plurality of virtual machines that execute at one or more computing devices of the computing system, wherein initializing comprises initializing an instance of an application on the respective virtual machine in accordance with application state stored within a shared database;
  
  wherein the plurality of messages includes a request to initiate a respective communication session between the computing system and a particular client computing device among the one or more client computing devices;
  
  in response to receiving the request to initiate the respective communication session, assigning, by the computing system, the respective transaction to the respective virtual machine from the plurality of virtual machines, wherein the respective transaction is the first transaction assigned to the respective virtual machine;
  
  generating, by the respective virtual machine, as part of the respective virtual machine completing the respective transaction, a database modification request associated with the respective transaction;
  
  performing a modification to the shared database in response to the database modification request associated with the respective transaction, wherein the database modification request requests modification, within the shared database, of the application state for the application running on the respective virtual machine, and wherein the shared database is persisted independently of the plurality of virtual machines;
  
  generating checkpoint data associated with the respective transaction;
  
  in response to determining that processing of the respective transaction is complete upon detecting termination of the respective communication session, discarding, by the computing system, the respective virtual machine; and
  
  in response to determining that the respective transaction is associated with a cyber-attack, using the checkpoint data associated with the respective transaction to roll back the modification to the shared database performed in response to the database modification request associated with the respective transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein initializing the plurality of virtual machines comprises initializing each virtual machine in the plurality of virtual machines in response to receiving a message that corresponds to a new transaction.
  - 3. The method of claim 1, wherein the respective communication session is a Transmission Control Protocol (TCP) session between the computing system and a particular client computing device among the one or more client computing devices.
  - 4. The method of claim 3, wherein generating the checkpoint data associated with the respective transaction comprises generating a checkpoint in response to initiation or termination of the TCP session.
  - 5. The method of claim 1, wherein each of the plurality of virtual machines is a type I hypervisor, a type II hypervisor, a paravirtualized virtual machine, a fully virtualized virtual machine, an application-level virtual machine, or an operating system-level virtual machine.
  - 6. The method of claim 1, wherein the shared database is accessible to each of the plurality of virtual machines.
  - 7. The method of claim 1, wherein the application is a server that provides a network service.
  - 8. The method of claim 1, wherein generating the checkpoint data associated with the respective transaction comprises generating the checkpoint data associated with the respective transaction in response to the database modification request associated with the respective transaction.
  - 9. The method of claim 1, wherein generating the checkpoint data associated with the respective transaction comprises generating the checkpoint data associated with the respective transaction in response to determining that a number of database modification requests associated with the respective transaction exceeds a threshold.
  - 10. The method of claim 1, further comprising determining that the respective transaction is associated with a cyber-attack in response to determining that the respective transaction is associated with an unauthorized request to access or modify data in the shared database.
  - 11. The method of claim 1, further comprising determining that the respective transaction is associated with a cyber-attack in response to determining that the respective transaction attempted to perform an unauthorized modification of programming code of the respective virtual machine or an unauthorized modification of a configuration of the respective virtual machine.
  - 12. The method of claim 1, wherein each of transactions in the plurality of transactions corresponds to a single message in the plurality of messages.

13. A computing system comprising:
- a shared database; and
  
  one or more computing devices configured to;
  
  receive a plurality of messages from one or more client computing devices, each of the plurality of messages corresponding to a transaction in a plurality of transactions;
  
  for each respective transaction in the plurality of transactions;
  
  initialize, from a common template that has been determined to be free of malware infection, a respective one of a plurality of virtual machines that execute at one or more of the computing devices of the computing system, wherein initializing comprises initializing an instance of an application on the respective virtual machine in accordance with application state stored within the shared database;
  
  wherein the plurality of messages includes a request to initiate a respective communication session between the computing system and a particular client computing device among the one or more client computing devices;
  
  in response to receiving the request to initiate the respective communication session, assign the respective transaction to the respective virtual machine from the plurality of virtual machines, wherein the respective transaction is the first transaction assigned to the respective virtual machine;
  
  generate, as part of the respective virtual machine completing the respective transaction, a database modification request associated with the respective transaction;
  
  perform a modification to the shared database in response to the database modification request associated with the respective transaction, wherein the database modification request requests modification, within the shared database, of the application state for the application running on the respective virtual machine, and wherein the shared database is persisted independently of the plurality of virtual machines;
  
  generate checkpoint data associated with the respective transaction;
  
  in response to determining that processing of the respective transaction is complete upon detecting termination of the respective communication session, discard the respective virtual machine; and
  
  in response to determining that the respective transaction is associated with a cyber-attack, use the checkpoint data associated with the respective transaction to roll back the modification to the shared database performed in response to the database modification request associated with the respective transaction.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computing system of claim 13, wherein the one or more processors are configured to initialize a virtual machine in the plurality of virtual machines in response to receiving a message that corresponds to a new transaction.
  - 15. The computing system of claim 13, wherein the respective communication session is a Transmission Control Protocol (TCP) session between the computing system and a particular client computing device among the one or more client computing devices.
  - 16. The computing system of claim 15, wherein the one or more processors are configured to generate the checkpoint data associated with the respective transaction such that the one or more processors:
    - generate a first checkpoint in response to initiation of the TCP session; and
      
      generate a second checkpoint in response to termination of the TCP session.
  - 17. The computing system of claim 13, wherein the shared database is accessible to each of the plurality of virtual machines.
  - 18. The computing system of claim 13, wherein each of transactions in the plurality of transactions corresponds to a single message in the plurality of messages.

19. A non-transitory computer-readable data storage medium having stored thereon instructions that, when executed, configure a computing system to:
- receive a plurality of messages from one or more client computing devices, each of the plurality of messages corresponding to a transaction in a plurality of transactions;
  
  for each respective transaction in the plurality of transactions;
  
  initialize, from a common template that has been determined to be free of malware infection, a respective one of a plurality of virtual machines that execute at one or more computing devices of the computing system, wherein initializing comprises initializing an instance of an application on the respective virtual machine in accordance with application state stored within a shared database;
  
  wherein the plurality of messages includes a request to initiate a respective communication session between the computing system and a particular client computing device among the one or more client computing devices;
  
  in response to receiving the request to initiate the respective communication session, assign the respective transaction to the respective virtual machine from the plurality of virtual machines, wherein the respective transaction is the first transaction assigned to the respective virtual machine;
  
  generate, as part of the respective virtual machine completing the respective transaction, a database modification request associated with the respective transaction;
  
  perform a modification to the shared database in response to the database modification request associated with the respective transaction, wherein the database modification request requests modification, within the shared database, of the application state for the application running on the respective virtual machine, and wherein the shared database is persisted independently of the plurality of virtual machines;
  
  generate checkpoint data associated with the respective transaction;
  
  in response to determining that processing of the respective transaction is complete upon detecting termination of the respective communication session, discard the respective virtual machine; and
  
  in response to determining that the respective transaction is associated with a cyber-attack, use the checkpoint data associated with the respective transaction to roll back the modification to the shared database performed in response to the database modification request associated with the respective transaction.

20. A network node comprising:
- a hardware-based processing system having a set of one or more processing units;
  
  a plurality of virtual machines (VMs) executing on the one or more processing units, wherein each of the plurality of virtual machines is initialized from a common template that has been determined to be free of malware infection;
  
  a dispatcher that;
  
  receives, from one or more client computing devices, a plurality of messages corresponding to transactions in a plurality of transactions, wherein, for each respective transaction in the plurality of transactions, the plurality of messages includes requests to initiate respective communication sessions between the network node and particular client computing devices,assigns, in response to receiving the requests to initiate the respective communication sessions, each of the transactions to the plurality of virtual machines, anddiscards each of the VMs when the transactions assigned to the VMs are complete upon detecting termination of the respective communication sessions;
  
  one or more intrusion detection systems that detect whether any of the VMs have been compromised and whether a shared database has been compromised;
  
  a checkpointing module that generates checkpoint data based on requests from the VMs to modify the shared database,a rollback module that uses the checkpoint data to roll back modifications to the shared database that are associated with a particular transaction when the one or more intrusion detection systems determine that a VM to which the particular transaction was assigned has been compromised or the shared database has been compromised, andone or more processors are configured such that for each respective virtual machine from the plurality of virtual machines, the one or more processors generate a database modification request as part of completing a respective transaction from the plurality of transactions, the database modification request requesting storage to the shared database of an application state of an application running on the respective virtual machine,wherein the one or more processors initialize, from the common template, a particular virtual machine such that an instance of the application running on the particular virtual machine has the application state of the application running on one of the virtual machines.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Architecture Technology Corporation
Original Assignee
Architecture Technology Corporation
Inventors
Brueckner, Stephen K., Joyce, Robert A., Thurber, Kenneth J., Manson, Carl, Inoue, Hajime
Primary Examiner(s)
Zee, Edward
Assistant Examiner(s)
NGUY, CHI D

Application Number

US14/014,242
Time in Patent Office

383 Days
Field of Search

726 22- 26, 713187-188
US Class Current

726/22
CPC Class Codes

G06F 11/1469   Backup restoration techniques

G06F 21/606   by securing the transmissio...

G06F 9/45533   Hypervisors; Virtual machin...

G06F 9/466   Transaction processing

H04L 63/145   the attack involving the pr...

Fight-through nodes with disposable virtual machines and rollback of persistent state

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Fight-through nodes with disposable virtual machines and rollback of persistent state

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links