公开(公告)号：US20240134961A1

公开(公告)日：2024-04-25

申请号：US17970168

申请日：2022-10-19

Applicant: VMware, Inc

Inventor： Sachin Shinde ,  Shirish Vijayvargiya ,  Amardeep Nagarkar ,  Sunil Hasbe

IPC: G06F21/52 ,  G06F21/57

CPC classification number: G06F21/52 ,  G06F21/57

Abstract: The current document is directed to automated methods and systems that monitor system-call execution by operating systems in order to detect operating-system corruption. A disclosed implementation of the currently disclosed automated system-call-integrity monitor generate operational system-call fingerprints for randomly selected system calls executed by guest operating systems of randomly selected virtual machines and compares the operational system-call fingerprints to reference system-call fingerprints in order to detect operational anomalies of guest operating systems that are likely to represent guest-operating-system corruption. In disclosed implementations, a system-call fingerprint includes a system-call execution time, the number of instructions executed during execution of the system call, and a snapshot of the call stack taken during execution of the system call. The currently disclosed methods and systems can be used to monitor the system-call integrity of discrete computer systems, including personal computers, as well as computer-system clusters and aggregations.