Detection and reporting of computer viruses
First Claim
1. A computer-implemented method for detecting viruses in a shared read-only file system, the method comprising:
- receiving a request from a virtual file system (VFS) layer, the request including a file identifier and an operation to be performed on the identified file;
determining whether the identified file is located on a read-only file system;
responsive to the identified file being located on a read-only file system;
determining that the identified file is of a type that should not be written;
generating an alarm, the alarm including indicia of the file.
1 Assignment
0 Petitions
Accused Products
Abstract
A system provides sharing of read-only file systems while at the same time providing each client of the read-only file system the ability to write to its own data store. Files can be either on a read-only persistent repository file system, or on a writeable persistent overlay file system. An “optimistic sharing” paradigm means that by default, everything on the file system is assumed to be read-only. If an attempt is made to modify a file—that is, a private copy is needed—the performance hit is typically minimal, because most written-to files are small. Even in the event of a larger file, the performance hit is a one-time cost. By intercepting attempts to write to files that should not be written to, viruses can be detected and alerts generated.
-
Citations
10 Claims
-
1. A computer-implemented method for detecting viruses in a shared read-only file system, the method comprising:
-
receiving a request from a virtual file system (VFS) layer, the request including a file identifier and an operation to be performed on the identified file;
determining whether the identified file is located on a read-only file system;
responsive to the identified file being located on a read-only file system;
determining that the identified file is of a type that should not be written;
generating an alarm, the alarm including indicia of the file. - View Dependent Claims (2)
-
-
3. A computer-implemented method for detecting viruses in a shared read-only file system, the method comprising:
-
receiving a request to write to a file;
determining that the file is located on a read-only data store;
determining whether the file is of a type that should be written;
responsive to the file not being of the type that that should be written, generating a virus warning alarm; and
responsive to the file being of type that should be written;
automatically copying the file to a writeable file system; and
writing to the copy of the file. - View Dependent Claims (4)
-
-
5. A computer-implemented method for detecting viruses in a shared read-only file system, the method comprising:
-
receiving a plurality of write requests, each write request identifying a file to be written;
determining that the files are located on a read-only storage device;
copying the files to a writeable storage device;
creating a mapping from each file to the copy of the file;
determining whether one of the copied files is of a type that should not be written; and
responsive to one of the copied files being of a type that should not be written, generating a virus warning alarm. - View Dependent Claims (6)
-
-
7. A system for detecting viruses in a shared read-only file system, the system comprising:
-
a file handling module for receiving from a file system a file identifier and an operation to be performed on the identified file;
a mapping module, communicatively coupled to the file handling module, for determining a mapping between the file identifier and a location of a file identified by the identifier;
a file system communication module, communicatively coupled to the mapping module, for;
determining whether the file is of a type that should not be written;
responsive to the file being of the type that should not be written, generating a virus warning alarm; and
responsive to the file not being of the type that should not be written, performing the operation on the identified file. - View Dependent Claims (8)
-
-
9. A computer program product for detecting viruses in a shared read-only file system, the computer program product stored on a computer-readable medium and including code configured to cause a processor to carry out the steps of:
-
receiving a request to write to a file;
determining that the file is located on a read-only data store;
determining whether the file is of a type that should be written;
responsive to the file not being of the type that that should be written, generating a virus warning alarm; and
responsive to the file being of type that should be written;
automatically copying the file to a writeable file system; and
writing to the copy of the file. - View Dependent Claims (10)
-
Specification