System, method, and computer program product for conditionally preventing use of hardware virtualization
Abstract
A system, method, and computer program product are provided for conditionally preventing use of hardware virtualization. In use, an attempt to use hardware virtualization is identified. Further, the use of the hardware virtualization is conditionally prevented.
18 Claims
1. In a hardware computer system, a method:
- providing a hardware virtualization software layer comprising virtual machine guard software, wherein the virtual machine guard software has a dedicated purpose to prevent the operation of malware software, such malware software characterized by a purpose to circumvent the intended operation of a system;
- recognizing, by the virtual machine guard software, an attempt to use hardware virtualization;
- determining a source that initiated the attempt;
- associating the source with an identifier; and
- allowing the attempt if the identifier is on a list of predetermined identifiers that are allowed.
Dependent claims: 2, 3, 4
5. A method comprising:
- running an operating system on a hardware platform;
- installing virtual machine guard software, the virtual machine guard software having the purpose to prevent the operation of malware software, such malware software characterized by a purpose to circumvent the intended operation of a system;
- creating a virtual machine;
- moving the operating system into the virtual machine such that the operating system runs within the virtual machine and the virtual machine runs above the virtual machine guard software;
- employing the virtual machine guard software to monitor attempts by the operating system to use hardware virtualization;
- assigning an identifier to any said attempts that are recognized, the identifier having an association with software running upon the operating system; and
- allowing an attempt at hardware virtualization if an assigned identifier has been pre-determined as allowed.
Dependent claims: 6, 7
8. A method comprising:
- running virtual machine guard software having a dedicated purpose to prevent the operation of malware software, such malware software characterized by a purpose to circumvent the intended operation of a system;
- employing the virtual machine guard software to create a virtual machine running an operating system in the virtual machine, wherein the virtual machine executes upon the virtual machine guard software and the operating system executes within the virtual machine;
- identifying an attempt to use hardware virtualization by a first software program running upon the operating system, such identifying performed by the virtual machine guard software;
- associating the first software program with an identifier; and
- allowing the attempt to use hardware virtualization if the identifier is predetermined as allowed.
Dependent claims: 9, 10, 11
12. A non-transitory machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a computer system to:
- provide a hardware virtualization software layer dedicated to prevent the operation of malware software, such malware software characterized by a purpose to circumvent the intended operation of the computer system;
- recognize an attempt to use hardware virtualization;
- determine a source that initiated the attempt;
- associate the source with an identifier; and
- allow the attempt if the identifier is on a predetermined list of allowed identifiers.
Dependent claims: 13, 14, 15
16. A non-transitory machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a computer system to:
- create a virtual machine above a virtual machine guard software having the purpose to prevent the operation of malware software, such malware software characterized by a purpose to circumvent the intended operation of the computer system;
- move an operating system into the virtual machine such that the operating system runs within the virtual machine;
- employ the virtual machine guard software to monitor attempts by the operating system to use hardware virtualization;
- assign to any recognized attempts an identifier associated with software running upon the operating system; and
- allow an attempt at hardware virtualization if the assigned identifier has been pre-determined as allowed.
Dependent claims: 17, 18
Specification