SYSTEM AND METHOD FOR BELOW-OPERATING SYSTEM TRAPPING AND SECURING LOADING OF CODE INTO MEMORY
First Claim
1. A system for protecting an electronic device against malware, comprising:
- a memory;
an operating system configured to execute on the electronic device;
a below-operating-system security agent configured to;
trap an attempted access of a resource of the electronic device, the attempted access comprising;
attempting to write instructions to the memory; and
attempting to execute the instructions;
access one or more security rules to determine whether the attempted access is indicative of malware; and
operate at a level below all of the operating systems of the electronic device accessing the memory.
10 Assignments
0 Petitions
Accused Products
Abstract
A system for protecting an electronic device against malware includes a memory, an operating system configured to execute on the electronic device, and a below-operating-system security agent. The below-operating-system security agent is configured to trap an attempted access of a resource of the electronic device, access one or more security rules to determine whether the attempted access is indicative of malware, and operate at a level below all of the operating systems of the electronic device accessing the memory. The attempted access includes attempting to write instructions to the memory and attempting to execute the instructions.
110 Citations
30 Claims
-
1. A system for protecting an electronic device against malware, comprising:
-
a memory; an operating system configured to execute on the electronic device; a below-operating-system security agent configured to; trap an attempted access of a resource of the electronic device, the attempted access comprising; attempting to write instructions to the memory; and attempting to execute the instructions; access one or more security rules to determine whether the attempted access is indicative of malware; and operate at a level below all of the operating systems of the electronic device accessing the memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for protecting an electronic device against malware, comprising:
-
trapping an attempted access of a resource of an electronic device, the attempted access comprising; attempting to write instructions to a memory of the electronic device, the memory comprising the resource; and attempting to execute the instructions; accessing one or more security rules to determine whether the attempted access is indicative of malware; wherein the trapping of the attempted access and determining whether the attempted access is indicative of malware is conducted at a level below all of the operating systems of the electronic device accessing the memory. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An article of manufacture, comprising:
-
a computer readable medium; and computer-executable instructions carried on the computer readable medium, the instructions readable by a processor, the instructions, when read and executed, for causing the processor to; trap an attempted access of a resource of an electronic device, the attempted access comprising; attempting to write instructions to a memory of the electronic device, the memory comprising the resource; and attempting to execute the instructions; access one or more security rules to determine whether the attempted access is indicative of malware; wherein the processor is configured to conduct the trapping of the attempted access and determining whether the attempted access is indicative of malware at a level below all of the operating systems of the electronic device accessing the memory. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification