AUTOMATIC HARDWARE-BASED RECOVERY OF A COMPROMISED COMPUTER
Abstract
In general, techniques are described for hardware-based detection and automatic restoration of a computing device from a compromised state. Moreover, the techniques provide for automatic, hardware-based restoration of selective software components from a trusted repository. The hardware-based detection and automatic restoration techniques may be integrated within a boot sequence of a computing device so as to efficiently and cleanly replace only any infected software component.
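The measure, compare, and selectively restore sequence described in the abstract can be simulated in software. This is an added example, not code from the patent: the use of SHA-256 as the integrity verification value, the dictionary-based flash and trusted repository, the component names, and the policy of halting when the trusted copy itself fails verification are all assumptions of this sketch.

```python
import hashlib

def measure(image: bytes) -> str:
    """Integrity verification value; SHA-256 is an assumption of this sketch."""
    return hashlib.sha256(image).hexdigest()

def verify_and_recover(flash, acceptable, trusted_repo):
    """Walk the boot chain in order and restore only components that fail.

    flash:        component name -> installed image (mutated in place)
    acceptable:   component name -> set of acceptable digests
    trusted_repo: component name -> trusted copy of the image
    Returns component name -> "ok" | "restored" | "halt".
    """
    report = {}
    for name in flash:
        if measure(flash[name]) in acceptable[name]:
            report[name] = "ok"
            continue
        candidate = trusted_repo.get(name)
        # Measure the replacement as well: a stale or tampered repository
        # copy must not be written over the boot component.
        if candidate is None or measure(candidate) not in acceptable[name]:
            report[name] = "halt"
            break  # assumed policy: never hand control to an unverified stage
        flash[name] = candidate
        report[name] = "restored"
    return report

def demo():
    # Constructed sample images; the component names are illustrative only.
    good = {"bootloader": b"BL v2", "kernel": b"KRN v5", "initrd": b"IRD v5"}
    acceptable = {name: {measure(img)} for name, img in good.items()}
    flash = dict(good, kernel=b"KRN v5 + implant")  # one modified component
    report = verify_and_recover(flash, acceptable, dict(good))
    return report, flash, good

if __name__ == "__main__":
    report, flash, good = demo()
    print(report)
    print("flash matches trusted images:", flash == good)
```

Only the modified component is rewritten; components whose value matches an acceptable entry are left untouched, which mirrors the abstract's point about replacing only the infected software component.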
33 Claims
1. A method comprising:
- calculating, with an auxiliary circuit within a computing device, an integrity verification value for a boot component of the computing device, wherein the boot component comprises program instructions required for execution by a processor of the computing device to place the computing device into an operating mode;
- determining whether the calculated integrity verification value is associated with an acceptable boot component; and
- replacing, with the auxiliary circuit of the computing device, the boot component with a copy of a trusted version of the boot component when the integrity verification value is not associated with an acceptable boot component.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16

17. A computing device containing an auxiliary circuit that comprises:
- an integrity verification value calculator circuit configured to calculate an integrity verification value for a boot component of the computing device, wherein the boot component comprises program instructions required for execution by a processor of the computing device to place the computing device into an operating mode;
- an infection detection circuit configured to determine whether the integrity verification value is associated with an acceptable boot component; and
- a recovery circuit configured to replace the boot component with a copy of a trusted version of the boot component when the integrity verification value is not associated with an acceptable boot component.

Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31

32. A system comprising:
- a computing device;
- a trusted boot component server that stores trusted versions of boot components for the computing device, wherein the computing device contains an auxiliary circuit comprising:
  - an integrity verification value calculator circuit that calculates an integrity verification value for a boot component of the computing device, wherein the boot component comprises program instructions required for execution by a processor of the computing device to place the computing device into an operating mode;
  - an infection detection circuit that determines whether the integrity verification value is associated with an acceptable boot component; and
  - a recovery circuit that replaces the boot component with a copy of a trusted version of the boot component received from the trusted boot component server when the integrity verification value is not associated with an acceptable boot component.

Dependent claims: 33

Specification