Anti-virus scanning co-processor
First Claim
1. A method for scanning data, comprising:
- a) executing scanning control logic utilizing a central processing unit;
b) identifying a request related to data at the central processing unit;
c) indicating a location of the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit;
d) waiting for results from the scanning co-processor;
e) executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and
f) initiating an event based on the results from the scanning co-processor;
wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit;
wherein it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data;
wherein the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria;
wherein additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor;
wherein the scanning co-processor is capable of performing an additional scan on the additional data while scanning the data;
wherein the location of the data indicated to the scanning co-processor includes a memory location of the data stored in memory, where the memory is separate from and coupled to the scanning co-processor and the central processing unit via a bus that employs direct memory access.
11 Assignments
0 Petitions
Accused Products
Abstract
A system, method and computer program product are provided for scanning data. Initially, scanning control logic is executed utilizing a central processing unit. A request related to data is then identified at the central processing unit. In response to the request, the data is indicated to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic. The central processing unit then waits for results from the scanning co-processor. Additional logic is executed utilizing the central processing unit while waiting for the results from the scanning co-processor. An event is then initiated based on the results from the scanning co-processor. By this design, the scanning co-processor offloads intensive scanning operations from the central processing unit.
73 Citations
38 Claims
-
1. A method for scanning data, comprising:
-
a) executing scanning control logic utilizing a central processing unit; b) identifying a request related to data at the central processing unit; c) indicating a location of the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) waiting for results from the scanning co-processor; e) executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) initiating an event based on the results from the scanning co-processor; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria; wherein additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the scanning co-processor is capable of performing an additional scan on the additional data while scanning the data; wherein the location of the data indicated to the scanning co-processor includes a memory location of the data stored in memory, where the memory is separate from and coupled to the scanning co-processor and the central processing unit via a bus that employs direct memory access. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for scanning data, comprising:
-
a) executing scanning control logic utilizing a central processing unit; b) identifying a request related to data at the central processing unit; c) indicating the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) waiting for results from the scanning co-processor; e) executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) initiating an event based on the results from the scanning co-processor; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria; wherein additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the central processing unit is coupled to the scanning co-processor via a bus. - View Dependent Claims (18)
-
-
19. A computer program product embodied on a tangible computer readable medium, comprising:
-
a) computer code for executing scanning control logic utilizing a central processing unit; b) computer code for identifying a request related to data at the central processing unit; c) computer code for indicating a location of the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) computer code for waiting for results from the scanning co-processor; e) computer code for executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) computer code for initiating an event based on the results from the scanning co-processor; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein the computer program product is operable such that it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the computer program product is operable such that the data is sent to tie scanning co-processor if it is determined that the data meets the predetermined criteria; wherein the computer program product is operable such that additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the scanning co-processor is capable of performing an additional scan on the additional data while scanning the data; wherein the location of the data indicated to the scanning co-processor includes a memory location of the data stored in memory, where the memory is separate from and coupled to the scanning co-processor and the central processing unit via a bus that employs direct memory access. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A computer program product embodied on a tangible computer readable medium, comprising:
-
a) computer code for executing scanning control logic utilizing a central processing unit; b) computer code for identifying a request related to data at the central processing unit; c) computer code for indicating a location of the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) computer code for waiting for results from the scanning co-processor; e) computer code for executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) computer code for initiating an event based on the results from the scanning co-processor; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein the computer program product is operable such that it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the computer program product is operable such that the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria; wherein the computer program product is operable such that additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the central processing unit is coupled to the scanning co-processor via a bus.
-
-
32. A system including a tangible computer readable medium, comprising:
-
one or more processors executing; a) logic for executing scanning control logic utilizing a central processing unit; b) logic for identifying a request related to data at the central processing unit; c) logic for indicating a location of the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) logic for waiting for results from the scanning co-processor; e) logic for executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) logic for initiating an event based on the results from the scanning co-processor;
wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit;wherein the system is operable such that it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the system is operable such that the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria; wherein the system is operable such that additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the scanning co-processor is capable of performing an additional scan on the additional data while scanning the data; wherein the location of the data indicated to the scanning co-processor includes a memory location of the data stored in memory, where the memory is separate from and coupled to the scanning co-processor and the central processing unit via a bus that employs direct memory access.
-
-
33. A method for scanning data, comprising:
-
a) executing scanning control logic utilizing a central processing unit; b) identifying a request related to data at the central processing unit; c) determining whether the data meets a predetermined criteria utilizing the central processing unit under the control of the scanning control logic; d) indicating a location of the data to a scanning co-processor coupled to the central processing unit if it is determined that the data meets the predetermined criteria; e) collecting scanning information from additional memory on the scanning co-processor; f) scanning the data with the scanning co-processor utilizing the scanning information under the control of the scanning control logic for offloading scanning operations from the central processing unit; g) waiting for results from the scanning co-processor; h) executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; i) queuing additional data to be scanned by the scanning co-processor while waiting for the results from the scanning co-processor; j) initiating a security event upon the receipt of unfavorable results from the scanning co-processor including a situation where malicious code is detected; and k) processing the data utilizing the central processing unit upon the receipt of favorable results from the scanning co-processor including a situation where malicious code is not detected; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein the criteria is based on a type of a file associated with the data; wherein the scanning co-processor is capable of performing an additional scan on the additional data while scanning the data; wherein the location of the data indicated to the scanning co-processor includes a memory location of the data stored in memory, where the memory is separate from and coupled to the scanning co-processor and the central processing unit via a bus that employs direct memory access.
-
-
34. A system including tangible computer readable medium for scanning data, comprising:
-
a) means for executing scanning control logic utilizing a central processing unit; b) means for identifying a request related to data at the central processing unit; c) means for determining whether the data meets a predetermined criteria utilizing the central processing unit under the control of the scanning control logic; d) means for indicating a location of the data to a scanning co-processor coupled to the central processing unit if it is determined that the data meets the predetermined criteria; e) means for collecting scanning information from additional memory on the scanning co-processor; f) means for scanning the data with the scanning co-processor utilizing the scanning information under the control of the scanning control logic for offloading scanning operations from the central processing unit; g) means for waiting for results from the scanning co-processor; h) means for executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; i) means for queuing additional data to be scanned by the scanning co-processor while waiting for the results from the scanning co-processor; j) means for initiating a security event upon the receipt of unfavorable results from the scanning co-processor including a situation where malicious code is detected; and k) means for processing the data utilizing the central processing unit upon the receipt of favorable results from the scanning co-processor including a situation where malicious code is not detected; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein the criteria is based on a type of a file associated with the data; wherein the scanning co-processor is capable of performing an additional scan on the additional data while scanning the data; wherein the location of the data indicated to the scanning co-processor includes a memory location of the data stored in memory, where the memory is separate from and coupled to the scanning co-processor and the central processing unit via a bus that employs direct memory access. - View Dependent Claims (36)
-
-
35. A system, comprising:
-
a) means for executing scanning control logic utilizing a central processing unit; b) means for identifying a request related to data at the central processing unit; c) means for determining whether the data meets a predetermined criteria utilizing the central processing unit under the control of the scanning control logic; d) means for indicating a location of the data to a scanning co-processor coupled to the central processing unit if it is determined that the data meets the predetermined criteria; e) means for collecting scanning information from additional memory on the scanning co-processor; f) means for scanning the data with the scanning co-processor utilizing the scanning information under the control of the scanning control logic for offloading scanning operations from the central processing unit; g) means for waiting for results from the scanning co-processor; h) means for executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; i) means for queuing additional data to be scanned by the scanning co-processor while waiting for the results from the scanning co-processor; j) means for initiating a security event upon the receipt of unfavorable results from the scanning co-processor including a situation where malicious code is detected; and k) means for processing the data utilizing the central processing unit upon the receipt of favorable results from the scanning co-processor including a situation where malicious code is not detected; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein the criteria is based on a type of a file associated with the data; wherein the system is operable such that the scanning information is updated via a network periodically.
-
-
37. A method for scanning data, comprising:
-
a) executing scanning control logic utilizing a central processing unit; b) identifying a request related to data at the central processing unit; c) indicating the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) waiting for results from the scanning co-processor; e) executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) initiating an event based on the results from the scanning co-processor; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria; wherein additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the scanning control logic is executed automatically when a computer is booted up.
-
-
38. A method for scanning data, comprising:
-
a) executing scanning control logic utilizing a central processing unit; b) identifying a request related to data at the central processing unit; c) indicating the data to a scanning co-processor coupled to the central processing unit so that the data is scanned by the scanning co-processor under the control of the scanning control logic for offloading scanning operations from the central processing unit; d) waiting for results from the scanning co-processor; e) executing additional logic utilizing the central processing unit while waiting for the results from the scanning co-processor; and f) initiating an event based on the results from the scanning co-processor; wherein the scanning co-processor is under the control of the central processing unit via the execution of the scanning control logic by the central processing unit; wherein it is determined whether the data meets a predetermined criteria, where the criteria is based on a type of a file associated with the data; wherein the data is sent to the scanning co-processor if it is determined that the data meets the predetermined criteria; wherein additional data to be scanned by the scanning co-processor is queued while waiting for the results from the scanning co-processor; wherein the scanning control logic is executed using software logic run by a bios.
-
Specification