Kaspersky Lab patents a hardware antivirus

Thursday, February 18, 2010

Kaspersky Lab has announced that it has successfully patented in the U.S. a hardware anti-virus system designed to deal effectively with rootkits. The new technology proposes the use of a hardware anti-virus: a device that neutralizes the most common type of threat, namely malicious programs that reside on a hard drive or infect existing files on it.

The patented anti-virus checks data that is about to be written to the hard disk, identifies malware and blocks it from being written. The inventor is Oleg Zaitsev, chief technology expert at Kaspersky Lab. The patent for the new technology was registered by the U.S. Patent Office on Feb. 2, 2010 under the number 7 657 941.

The patented device is placed between the storage device (hard drive or SSD) and the computational units (CPU and memory), and is either connected to the system bus or integrated into the hard disk controller. In operation, the hardware anti-virus blocks or allows the writing of data to disk and reports threats and its own actions to the user (a dialogue with the user is possible if the PC has hardware tools for managing the anti-virus). The device can operate on its own or in conjunction with antivirus software.

Because it is implemented in hardware rather than software, the invented technology works regardless of the configuration of the operating system and is effective against malicious programs that elevate their privileges in the system, such as rootkits, a particularly dangerous threat. Rootkits intercept operating system functions, which enables them to actively resist detection and removal by antivirus software working in the same environment. Thus, rootkits are able to block the launch of an anti-virus application, monitor its actions, restore malicious processes that it deleted, change or remove registry settings, and so on. Against a hardware solution that does not run in the environment of the infected OS, all of these methods fail, and the rootkit will be quickly neutralized.

The patented device uses its own updatable anti-virus databases, which are protected during updates against malicious code and erroneous entries. The proposed anti-virus has its own processor and memory, so it does not consume the resources of the computer it is connected to. If necessary, a separate power supply can be connected to it.