Quarantining packets received at device in network communications utilizing virtual network connection
Abstract
A method of engaging in network communications by a device includes spawning a first virtual machine for a network connection that virtualizes network capabilities of a device; receiving a packet communicated from a transmitting device at the first virtual machine of the device; determining that the packet is corrupted, said determination being based on information from an application running on the device; in response to said step of determining that the packet is corrupted, quarantining the packet; spawning a second virtual machine for a network connection that virtualizes network capabilities of the device; and communicating, using the second virtual machine, a message to the transmitting device.
20 Claims
1. A method of engaging in network communications by a device, comprising:
- at a device for a first application running on the device, spawning a first virtual machine for a network connection that virtualizes only network capabilities of the device;
- communicating, via the first virtual machine, data from the first application to another device in a plurality of packets, the first application running outside of the first virtual machine;
- receiving, at the first virtual machine, a packet intended for the first application communicated from the other device;
- determining, at the first virtual machine, that the packet is corrupted, said determination being based on information from the first application running on the device;
- in response to determining that the packet is corrupted, at the device, quarantining the packet, and, at the device, spawning a second virtual machine for a network connection that virtualizes only network capabilities of the device; and
- communicating, using the second virtual machine, a message to the other device; and
- at the device for a second application running on the device, spawning a third virtual machine for a network connection that virtualizes only network capabilities of the device such that the device includes a plurality of simultaneously maintained virtual machines that each virtualize network capabilities of the device;
- wherein each virtual machine that virtualizes network capabilities of the device comprises a software copy of a network interface card;
- wherein the first application and second application run outside of the first, second, and third virtual machines.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14.
15. A method of responding to a corrupted packet comprising:
- receiving, at a first virtual machine of a device, a packet communicated from a transmitting device;
- determining, at the first virtual machine of the device, that the packet is corrupted, said determination being based on information from an application running on the device;
- in response to determining that the packet is corrupted, quarantining the corrupted packet, at the device, spawning a second virtual machine for a network connection that virtualizes only network capabilities of the device; and
- communicating, using the spawned second virtual machine, a message to the transmitting device;
- wherein the device includes a plurality of simultaneously maintained virtual machines that each virtualize network capabilities of the device;
- wherein each virtual machine that virtualizes network capabilities of the device comprises a software copy of a network interface card;
- wherein the application runs outside of each of the plurality of simultaneously maintained virtual machines.

Dependent claims: 16, 17, 18, 19.
20. A method comprising:
- receiving, at a device, a packet communicated from a transmitting device via a first virtual network connection associated with a first virtual machine running at the device that virtualizes network capabilities of the device, the first virtual machine being associated with a first application running on the device;
- determining that the packet is corrupted, said determination being based on information from the first application running on the device;
- in response to said step of determining that the packet is corrupted, at the device, spawning a second virtual machine that virtualizes only network capabilities of the end-user device, selecting a routing protocol from among a plurality of available routing protocols for communicating data over the network using the virtualized network capabilities of the second virtual machine, and using the selected routing protocol, communicating data from the application using the virtualized network capabilities of the second virtual machine for communication to the transmitting device;
- at the device for a second application running on the device, spawning a third virtual machine for a network connection that virtualizes only network capabilities of the device such that the device includes a plurality of simultaneously maintained virtual machines that each virtualize network capabilities of the device;
- wherein each virtual machine that virtualizes network capabilities of the device comprises a software copy of a network interface card;
- wherein the first application and second application run outside of the first, second, and third virtual machines.
Specification