System to Bypass a Compromised Mass Storage Device Driver Stack and Method Thereof
Abstract
A method to circumvent malicious software via a system configured to bypass a device driver stack and, consequently, also bypass the malicious software that may be adversely affecting the device driver stack by using an alternative stack such as a crash dump I/O stack. The crash dump I/O stack is poorly documented relative to the device driver stack and functions independently from the device driver stack.
27 Claims
1. A method to circumvent malicious software in a computing device, the method comprising:
- identifying a dump port driver having a function;
- transmitting at least one command configured to obtain information related to a physical hardware device, the physical hardware device (i) in communication with the computing device and (ii) configured to execute an I/O command; and
- causing the function to be executed for transmission of the I/O command to the physical hardware device using the request block.
15. A method to circumvent malicious software in a computing device via a physical hardware device linked to a computing device, the method comprising:
- identifying a dump port driver;
- getting boot device information to enable transmission of an I/O command to a boot device;
- determining an entry point for a function for transmitting the command to the physical hardware device;
- instantiating and initializing a request block; and
- causing the function to be executed for transmission of the command to the physical hardware device using the request block.
21. A system to command a physical hardware device in communication with a computing device, the system comprising:
- a bypass command driver configured to identify a dump port driver, obtain boot device information, find a function, instantiate a request block, and call the function, the dump port driver in communication with the bypass command driver;
- a computer program comprising the function, the function configured to transmit a command to the physical hardware device;
- a mini port driver in communication with the dump port driver;
- a bus driver in communication with the mini port driver and the dump port driver;
- a hardware bus in communication with the bus driver; and
- a physical hardware device in communication with the hardware bus, wherein the request block is configured for use by the function in transmitting the command.
27. A bypass command driver configured to cause data transfer in a computer system having a physical hardware device or an object representing the physical hardware device by (i) identifying a dump port driver in communication with the computer system and (ii) obtaining boot device information, the computer system having (i) a computer program capable of transmitting a command to the physical hardware device, (ii) a mini port driver in communication with the dump port driver, (iii) a bus driver in communication with the mini port driver and/or the dump port driver, and (iv) a hardware bus in communication with the bus driver, the bypass command driver comprising:
a set of instructions configured to be executed by the computer system.
Specification