Invention Grant
US09032525B2 System and method for below-operating system trapping of driver filter attachment
有权
驱动器过滤器附件的操作系统捕获的系统和方法
- Patent Title: System and method for below-operating system trapping of driver filter attachment
- Patent Title (中): 驱动器过滤器附件的操作系统捕获的系统和方法
-
Application No.: US13075101Application Date: 2011-03-29
-
Publication No.: US09032525B2Publication Date: 2015-05-12
- Inventor: Ahmed Said Sallam
- Applicant: Ahmed Said Sallam
- Applicant Address: US CA Santa Clara
- Assignee: McAfee, Inc.
- Current Assignee: McAfee, Inc.
- Current Assignee Address: US CA Santa Clara
- Agency: Baker Botts L.L.P.
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/56
Abstract:
A system for protecting an electronic system against malware includes an operating system configured to execute on the electronic device, a driver coupled to the operating system, and a below-operating-system security agent. The below-operating-system security agent is configured to identify one or more resources for changing filters of the driver, trap an attempted access of the one or more resources that originates from the operational level of the operating system, access one or more security rules to determine whether the attempted access is indicative of malware, and operate at a level below all of the operating systems of the electronic system accessing the one or more resources for changing filters of the driver.
Public/Granted literature
- US08650641B2 System and method for below-operating system trapping of driver filter attachment Public/Granted day:2014-02-11
Information query
