-
Publication No.: US20240134961A1
Publication date: 2024-04-25
Application No.: US17970168
Filing date: 2022-10-19
Applicant: VMware, Inc
Inventor: Sachin Shinde, Shirish Vijayvargiya, Amardeep Nagarkar, Sunil Hasbe
Abstract: The current document is directed to automated methods and systems that monitor system-call execution by operating systems in order to detect operating-system corruption. A disclosed implementation of the currently disclosed automated system-call-integrity monitor generates operational system-call fingerprints for randomly selected system calls executed by guest operating systems of randomly selected virtual machines and compares the operational system-call fingerprints to reference system-call fingerprints in order to detect operational anomalies of guest operating systems that are likely to represent guest-operating-system corruption. In disclosed implementations, a system-call fingerprint includes a system-call execution time, the number of instructions executed during execution of the system call, and a snapshot of the call stack taken during execution of the system call. The currently disclosed methods and systems can be used to monitor the system-call integrity of discrete computer systems, including personal computers, as well as computer-system clusters and aggregations.
-
Publication No.: US20230222361A1
Publication date: 2023-07-13
Application No.: US17966821
Filing date: 2022-10-15
Applicant: VMware, Inc.
Inventor: Shirish Vijayvargiya, Vasantha Kumar Dhanasekar, Sunil Hasbe
Abstract: Some embodiments of the invention provide a method for deploying machines for users in a software-defined datacenter (SDDC). The method in some embodiments is performed by a host computer that executes one or more machines. The method formulates a prediction regarding a particular user that is likely to log into a particular machine (e.g., virtual machine (VM), Pod, container, etc.) executing on a host computer of the SDDC in a future time period. Before the user logs into the particular machine, the method pre-fetches from a server a set of rules for a set of network elements that will process data messages associated with the machine after the particular user starts using the particular machine. The method uses the pre-fetched set of rules to configure the set of network elements to process data messages from the particular machine when the particular user logs into the machine during the time period. On the other hand, the method discards the pre-fetched set of rules when the particular user does not log into the particular machine during the time period.
-
Publication No.: US11238158B2
Publication date: 2022-02-01
Application No.: US16558341
Filing date: 2019-09-03
Applicant: VMWARE, INC.
Inventor: Shirish Vijayvargiya, Sunil Hasbe
Abstract: A system and method for automatically adjusting a learning mode duration on a virtual computing instance for an application security system extends a minimum duration of time for the learning mode duration for a guest agent running in the virtual computing instance based on a condition with respect to suspicious activities and deviations from normal behaviors detected during a fixed time interval. The guest agent is switched to a protected mode when the condition with respect to the suspicious activities and the deviations from the normal behaviors is satisfied for any fixed time interval after the minimum duration of time.
-
Publication No.: US11922199B2
Publication date: 2024-03-05
Application No.: US16805873
Filing date: 2020-03-02
Applicant: VMWARE, INC.
Inventor: Sunil Hasbe, Shirish Vijayvargiya
CPC classification number: G06F9/45558, G06F11/1469, G06F11/1484, G06F21/566, G06F21/568, G06F2009/45562, G06F2009/45575, G06F2201/815, G06F2201/84
Abstract: An in-guest agent in a virtual machine (VM) operates in conjunction with a replication module. The replication module performs continuous data protection (CDP) by saving images of the VM as checkpoints at a disaster recovery site over time. Concurrently, the in-guest agent monitors for behavior in the VM that may be indicative of the presence of malicious code. If the in-guest agent identifies behavior (at a particular point in time) at the VM that may be indicative of the presence of malicious code, the replication module can tag a checkpoint that corresponds to the same particular point in time as a security risk. One or more checkpoints generated prior to the particular time may be determined to be secure checkpoints that are usable for restoration of the VM.
-
Publication No.: US20240022588A1
Publication date: 2024-01-18
Application No.: US17950234
Filing date: 2022-09-22
Applicant: VMWARE, INC.
Inventor: Shirish Vijayvargiya, Sunil Hasbe
IPC: H04L9/40
CPC classification number: H04L63/1433, H04L63/20
Abstract: Computer-implemented methods, media, and systems for providing container security manageability are disclosed. In one computer-implemented method, a host device connected to a cloud server detects an event of a plurality of events generated by a plurality of containers hosted in the host device. The host device identifies container context data of the event, associates the container context data with the event, and sends the container context data to the cloud server for security analysis. The host device receives, from the cloud server, security rules based on the security analysis and implements the security rules.
-
Publication No.: US20230188497A1
Publication date: 2023-06-15
Application No.: US18106153
Filing date: 2023-02-06
Applicant: VMware, Inc.
Inventor: Shirish Vijayvargiya, Sunil Hasbe, Nakul Ogale, Sachin Shinde
IPC: H04L61/4552, H04L61/4511, H04L61/103
CPC classification number: H04L61/4552, H04L61/103, H04L61/4511
Abstract: In some embodiments, a method stores domain name system (DNS) resolution mappings from a domain name to an address in a first table. The DNS resolution mappings are intercepted from DNS responses being sent by a DNS server. The first table is sent to a manager for validation of the DNS resolution mappings. Then, a second table is received from the manager that contains validated DNS resolution mappings. The method intercepts a DNS response that includes a domain name to address resolution mapping from the DNS server and validates the domain name to address resolution mapping using a validated DNS resolution mapping in the second table.
-
Publication No.: US11575646B2
Publication date: 2023-02-07
Application No.: US16874706
Filing date: 2020-05-15
Applicant: VMWARE, INC.
Inventor: Shirish Vijayvargiya, Sunil Hasbe, Nakul Ogale, Sachin Shinde
IPC: H04L61/4552, H04L61/103, H04L61/4511
Abstract: In some embodiments, a method stores domain name system (DNS) resolution mappings from a domain name to an address in a first table. The DNS resolution mappings are intercepted from DNS responses being sent by a DNS server. The first table is sent to a manager for validation of the DNS resolution mappings. Then, a second table is received from the manager that contains validated DNS resolution mappings. The method intercepts a DNS response that includes a domain name to address resolution mapping from the DNS server and validates the domain name to address resolution mapping using a validated DNS resolution mapping in the second table.
-
Publication No.: US20220109629A1
Publication date: 2022-04-07
Application No.: US16952212
Filing date: 2020-11-19
Applicant: Vmware, Inc.
Inventor: SHIRISH VIJAYVARGIYA, Sunil Hasbe
IPC: H04L12/801, G06F9/455
Abstract: Embodiments of the present disclosure relate to a method for preventing a service executing on a host machine from overrunning. The method receives, by the service running on the host machine, one or more packets via a data path. The method determines that the service is in or approaching an overrun state. Upon the determining, the method identifies a set of one or more virtual computing instances (VCIs) running on the host machine, and sends, via a first path different than the data path, a set of one or more signals to the set of VCIs, the one or more signals indicating to the set of VCIs to slow down transmitting network traffic via the data path.