Kaspersky Patents Hardware-Based Antivirus (PC Magazine)
Kaspersky Lab has announced they have received a U.S. patent for a hardware-based antivirus solution. The announcement emphasizes that the hardware operates below the level of rootkits and therefore can't be bypassed by them.
The patent, #7,657,941, entitled "Hardware-based anti-virus system," is awarded to inventor Oleg V. Zaitsev (Technology Expert at Kaspersky Lab) and assigned to Kaspersky. The abstract reads:
An anti-virus (AV) system based on a hardware-implemented AV module for curing infected computer systems and a method for updating AV databases for effective curing of the computer system. The hardware-based AV system is located between a PC and a disk device. The hardware-based AV system can be implemented as a separate device or it can be integrated into a disk controller. An update method of the AV databases uses a two-phase approach. First, the updates are transferred from a trusted utility to an update sector of the AV system. Then, the updates are verified within the AV system and the AV databases are updated. The AV system has its own CPU and memory and can be used in combination with AV application.
So it seems this device is an actual separate computer running an embedded AV application. While the press release and abstract emphasize that the AV functionality doesn't strictly need a software counterpart running in the host system, it does need host software in order to update itself, because the AV hardware won't have network access. This update application will need to be trusted and hardened against attack.
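The two-phase update in the abstract can be modeled as follows. This is an added illustration, not code from the patent or from Kaspersky; the blob layout, the HMAC check (a stand-in for whatever verification the device actually performs) and the version check are all assumptions.

```python
import hashlib
import hmac
import struct

# Assumption: vendor and device share a MAC key. A real design would more
# likely verify an asymmetric signature against a public key in the device.
VENDOR_KEY = b"constructed-demo-key"
HEADER = struct.Struct(">I32s")  # constructed format: version, HMAC-SHA256 tag


def build_update(version: int, signatures: bytes, key: bytes = VENDOR_KEY) -> bytes:
    """Vendor side: package a database update in the constructed format."""
    msg = struct.pack(">I", version) + signatures
    return HEADER.pack(version, hmac.new(key, msg, hashlib.sha256).digest()) + signatures


class HardwareAV:
    """Hypothetical model of the device sitting between the PC and the disk."""

    def __init__(self, key: bytes = VENDOR_KEY):
        self._key = key
        self.db_version = 0
        self.database = b""
        self.update_sector = b""  # the only area the host utility may write

    def host_write_update(self, blob: bytes) -> None:
        """Phase 1: the host utility transfers the blob; nothing is trusted yet."""
        self.update_sector = blob

    def verify_and_apply(self) -> str:
        """Phase 2: runs on the device's own CPU, out of reach of host malware."""
        blob, self.update_sector = self.update_sector, b""
        if len(blob) < HEADER.size:
            return "rejected: truncated"
        version, tag = HEADER.unpack_from(blob)
        body = blob[HEADER.size:]
        msg = struct.pack(">I", version) + body
        expected = hmac.new(self._key, msg, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        if version <= self.db_version:  # assumption: rollback protection
            return "rejected: stale version"
        self.database, self.db_version = body, version
        return "applied"
```

Because the live database changes only in phase 2, a compromised host utility can withhold or corrupt updates in this model but cannot install signatures of its own choosing.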
The job of detecting rootkits once they have installed does call for extraordinary measures. Whether a hardware approach is really more effective remains to be seen. If the device is just an AV system running below the level of the rootkit then the change will be small, as it will still only control as well as the mode effect allows. If the fact that the device is running below rootkits allows it to separate formula tests which are better capable of detecting rootkit activity then the difference could be substantial.
There is another advantage to hardware-based AV: Because the device has its own CPU and memory and less software running on the host PC, the performance impact on the PC will be lessened. But in fact, this device cannot be a complete security solution, since it can only monitor disk operations. Modern security suites also monitor network connections, for example.
Originally posted to the PCMag.com security blog, Security Watch.