US 12,259,982 B2
Systems and methods for transparently detecting unencrypted virtual machine I/O
Carl Alan Waldspurger, Palo Alto, CA (US); and Bijan Mottahedeh, San Mateo, CA (US)
Assigned to Nutanix, Inc., San Jose, CA (US)
Filed by Nutanix, Inc., San Jose, CA (US)
Filed on Jan. 21, 2022, as Appl. No. 17/581,331.
Prior Publication US 2023/0237169 A1, Jul. 27, 2023
Int. Cl. G06F 21/60 (2013.01); G06F 9/455 (2018.01)
CPC G06F 21/604 (2013.01) [G06F 9/45558 (2013.01); G06F 21/602 (2013.01); G06F 2009/45587 (2013.01)]
24 Claims
 
1. An apparatus comprising a processor and memory, wherein the memory comprises programmed instructions that, when executed by the processor, cause the processor to:
intercept, via a hypervisor, an I/O transaction between a virtual machine and an I/O device;
analyze, by the hypervisor, contents of memory pages storing data included in the intercepted I/O transaction;
determine, by the hypervisor, whether data in the intercepted I/O transaction is unencrypted based on the analysis of the memory pages; and
in response to determining that the data in the intercepted I/O transaction is unencrypted, perform, by the hypervisor, a remedial action, wherein the remedial action comprises at least one of:
preventing the intercepted I/O transaction from completing,
suspending execution of the virtual machine, and
generating an alert indicating detected unencrypted I/O operations.