1. Technical Field
The present invention generally relates to an inspection and recovery apparatus and method for handling virtual machine vulnerability and, more particularly, to a method and apparatus that automatically inspect the vulnerability of a virtual machine and recover damaged main system files in the hypervisor domain of a cloud computing environment.
2. Description of the Related Art
Recently, to cope with hacking threats, the installation of an antivirus program and a firewall has become commonplace even in virtual machine environments.
However, such security software does not adequately perform the significant security check tasks that must be carried out after installation, for example, maintaining the latest security patches for the software itself or for other applications, and configuring and managing operating system (OS) security. The reason for this is that security software is functionally limited and it is difficult for normal users to acquire the knowledge required to perform such tasks manually.
Therefore, an inspection and recovery automation system for virtual machine security is required, one that can provide a secure virtual machine use environment and cope with hacking threats in cloud computing.
As a method of automating the security check of a virtual machine, a host vulnerability automatic inspection agent may be separately installed and operated in each virtual machine. Such a host vulnerability automatic inspection agent is advantageous in that inspections, such as the maintenance of the latest security patches of an OS and applications and the configuration of major security settings, may be automated.
However, since an agent must be installed in each virtual machine and is executed at the application level of the virtual machine, there is the concern that the results of inspection may be forged by a malicious user or malicious code.
As related preceding technology, U.S. Patent Application Publication No. 2014-0189873 discloses technology related to an automation system, which collects the configuration information of a host, analyzes the collected information based on information stored in a vulnerability database (DB), and calculates vulnerability scores.
As another related preceding technology, technology for presenting the results of analyzing the present state of information security management automation from various angles was published in the paper entitled “Information Security Automation: How Far Can We Go?” (Montesino, R. and S. Fenz) in IEEE Availability, Reliability and Security, pp. 280-285, 22-26 Aug. 2011.