On-access malware scanning
First Claim
1. A computer program product stored on a computer recordable medium for controlling a computer, said computer program product comprising:
- (i) scan request receiving logic operable to receive a request to perform an on-access malware scan upon a computer file to which access is to be made;
(ii) scan dividing logic operable to divide said on-access malware scan into a plurality of tasks;
(iii) task issuing logic operable to issue said plurality of tasks to be performed by a plurality of different computers; and
(iv) result collating logic operable to collate a plurality of task results corresponding to said plurality of tasks and received from said plurality of different computer to form a scan result corresponding to said on-access malware scan;
wherein said scan dividing logic divides said on-access malware scan in response to a complexity metric exceeding a predetermined threshold, where the complexity metric is dependent on at least one parameter;
wherein the complexity metric is dependent on a plurality of parameters including a computer file type, a level of nesting of embedded computer files, an initial attempt to scan said computer file which exceeded a predetermined time, and a level of utilization of a local processor.
11 Assignments
0 Petitions
Accused Products
Abstract
An on-access malware scanner (anti-virus, e-mail scanner) is provided which determines whether a scan to be performed has above a threshold level of complexity and if so divides the scan into a plurality of different tasks. These different tasks are then delegated to further computers (50, 52, 54) in a distributed processing approach with the further computers then returning their task results to the coordinating computer for combination to form an overall scan result. Computer files containing embedded files may be divided into separate computer files that are scanned as separate tasks. Furthermore, an individual computer file may be scanned for different properties by different computers as separate tasks. The selection of which tasks to distribute to which further computers may be made in dependence upon the complexity of the task to be delegated, the communication channel bandwidth to that further computer and the processing resources available at that further computer.
66 Citations
16 Claims
-
1. A computer program product stored on a computer recordable medium for controlling a computer, said computer program product comprising:
-
(i) scan request receiving logic operable to receive a request to perform an on-access malware scan upon a computer file to which access is to be made; (ii) scan dividing logic operable to divide said on-access malware scan into a plurality of tasks; (iii) task issuing logic operable to issue said plurality of tasks to be performed by a plurality of different computers; and (iv) result collating logic operable to collate a plurality of task results corresponding to said plurality of tasks and received from said plurality of different computer to form a scan result corresponding to said on-access malware scan; wherein said scan dividing logic divides said on-access malware scan in response to a complexity metric exceeding a predetermined threshold, where the complexity metric is dependent on at least one parameter; wherein the complexity metric is dependent on a plurality of parameters including a computer file type, a level of nesting of embedded computer files, an initial attempt to scan said computer file which exceeded a predetermined time, and a level of utilization of a local processor. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product stored on a computer recordable medium for controlling a computer, said computer program product comprising:
-
(i) scan request receiving logic operable to receive a request to perform an on-access malware scan upon a computer file to which access is to be made; (ii) scan dividing logic operable to divide said on-access malware scan into a plurality of tasks; (iii) task issuing logic operable to issue said plurality of tasks to be performed by a plurality of different computers; and (iv) result collating logic operable to collate a plurality of task results corresponding to said plurality of tasks and received from said plurality of different computers to form a scan result corresponding to said on-access malware scan; wherein said scan dividing logic divides said on-access malware scan in response to a complexity metric exceeding a predetermined threshold, where the complexity metric is dependent on at least one parameter; wherein an amount of said complexity metric that exceeds said predetermined threshold determines a number of tasks into which said on-access malware scan is divided. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification