SOFTWARE POLICY ENGINE IN VIRTUAL ENVIRONMENT

SOFTWARE POLICY ENGINE IN VIRTUAL ENVIRONMENT

Methods, systems, and computer-readable mediums for detection of policy violations in an unmodified binary in a virtual environment include receiving the unmodified binary in an executable and linkable format (ELF). The unmodified binary is executed, via an emulator, within the virtual environment....

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: JONES, Frederick K, MOYER, Geoffrey G, VERNON, Jeffrey M, WATTERS, Stephen L, DELY, Alex, NISHAT, Uzma
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Methods, systems, and computer-readable mediums for detection of policy violations in an unmodified binary in a virtual environment include receiving the unmodified binary in an executable and linkable format (ELF). The unmodified binary is executed, via an emulator, within the virtual environment. The executing includes determining, by an instruction set emulator, a symbol that is referenced during the executing of the unmodified binary. The symbol, a current state, and a global state is sent to a software policy engine. The software policy engine determines an assertion associated with the symbol. The assertion verifies a policy is enforced. A previous state is updated based on the symbol. The assertion is executed based on the current state, the previous state, and the global state. The assertion is determined to have failed based on the executing the assertion. A warning is logged indicating the failed assertion.