Dynamic management of resource utilization by an antivirus application

US 8,631,492 B2
Filed: 12/17/2012
Issued: 01/14/2014
Est. Priority Date: 03/14/2012
Status: Active Grant

First Claim

Patent Images

1. In a computing device comprising a plurality of computing resources and an operating system interfaced with the computing resources, a system for dynamic management of utilization of computing capacity by an antivirus application, the system comprising:

a plurality of distinct security modules defined by program instructions associated with the antivirus application and stored in a non-transitory data storage medium of the computing device that, when executed, cause the computing device to provide a corresponding security-related functionality based on one or more adjustable operational parameters, wherein adjustment of the one or more adjustable operational parameters for each of the security modules affects allocation of available computing capacity needed to execute the security-related functionality of that security module;

a dynamic adaptation module defined by program instructions associated with the antivirus application and stored in a non-transitory data storage medium of the computing device that, when executed, cause the computing device to;

access a resource requirements data structure stored in a non-transitory data storage medium, the resource requirements data structure containing an identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality;

determine a current state of authorization granted to the antivirus application to access each of the plurality of computing resources via the operating system;

compare the current state of authorization with the identification of the computing resources required by at least one of the security modules to produce a comparison result; and

automatically adjust the one or more adjustable operational parameters for the at least one of the security modules based on the comparison result such that, in response to a determination that the current state of authorization is insufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality, the one or more operational parameters of the at least one of the security modules are adjusted to disable the corresponding functionality and to thereby de-allocate a portion of the computing capacity needed to execute that corresponding functionality.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System and method for dynamically managing utilization of computing capacity by an antivirus application having distinct security modules configurable by adjustment of operational parameters. An identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality is obtained. A current state of authorization granted to the antivirus application to access each of the plurality of computing resources is determined. The operational parameters are adjusted for the at least one of the security modules in response to a determination that the current state of authorization is insufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality. The operational parameters are adjusted to disable the corresponding functionality and to thereby de-allocate a portion of the computing capacity needed to execute that corresponding functionality.

Citations

26 Claims

1. In a computing device comprising a plurality of computing resources and an operating system interfaced with the computing resources, a system for dynamic management of utilization of computing capacity by an antivirus application, the system comprising:
- a plurality of distinct security modules defined by program instructions associated with the antivirus application and stored in a non-transitory data storage medium of the computing device that, when executed, cause the computing device to provide a corresponding security-related functionality based on one or more adjustable operational parameters, wherein adjustment of the one or more adjustable operational parameters for each of the security modules affects allocation of available computing capacity needed to execute the security-related functionality of that security module;
  
  a dynamic adaptation module defined by program instructions associated with the antivirus application and stored in a non-transitory data storage medium of the computing device that, when executed, cause the computing device to;
  
  access a resource requirements data structure stored in a non-transitory data storage medium, the resource requirements data structure containing an identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality;
  
  determine a current state of authorization granted to the antivirus application to access each of the plurality of computing resources via the operating system;
  
  compare the current state of authorization with the identification of the computing resources required by at least one of the security modules to produce a comparison result; and
  
  automatically adjust the one or more adjustable operational parameters for the at least one of the security modules based on the comparison result such that, in response to a determination that the current state of authorization is insufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality, the one or more operational parameters of the at least one of the security modules are adjusted to disable the corresponding functionality and to thereby de-allocate a portion of the computing capacity needed to execute that corresponding functionality.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system of claim 1, wherein the dynamic adaptation module stores the resource requirements data structure using the computing resources of the computing device.
  - 3. The system of claim 1, wherein the identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality indicates the computing resources needed for full functionality of each of the security modules.
  - 4. The system of claim 1, wherein the identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality indicates the computing resources needed for a predefined minimal essential functionality of each of the security modules.
  - 5. The system of claim 1, wherein the identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality indicates the computing resources needed for certain specified individual functions of certain security modules having multiple functions.
  - 6. The system of claim 1, wherein the antivirus application is subject to a particular set of rights granted to a user account that the antivirus application is serving.
  - 7. The system of claim 1, wherein the dynamic adaptation module includes a functionality adaptation tool configured to make the determination as to whether the current state of authorization is insufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform corresponding functionality.
  - 8. The system of claim 1, wherein the dynamic adaptation module is configured to adjust the one or more operational parameters by enabling and disabling entire security modules.
  - 9. The system of claim 1, wherein the dynamic adaptation module is configured to adjust the one or more operational parameters by enabling and disabling certain portions of the security modules to individually control certain functions of the security modules.
  - 10. The system of claim 1, wherein the dynamic adaptation module is configured to automatically adjust the one or more adjustable operational parameters for at least one of the security modules based on the comparison result such that, in response to a determination that the current state of authorization is sufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality, the one or more operational parameters of the at least one of the security modules are adjusted to enable the corresponding functionality and to thereby allocate a portion of the computing capacity needed to execute that corresponding functionality.
  - 11. The system of claim 1, wherein said at least one of the security modules that are subject to adjustment of operational parameters by the dynamic adaptation module include only a subset of all of the security modules present in the antivirus application, wherein the subset includes selected security modules that have relatively higher resource requirements for their operation than the security modules not included in the subset.
  - 12. The system of claim 1, wherein the dynamic adaptation module includes a computing capacity determining tool configured to collect information indicative of a current operational load of the computing device;
    - andwherein the dynamic adaptation module is configured to adjust the one or more operational parameters only in response to the current operational load being above a workload threshold.
  - 13. The system of claim 12, wherein the workload threshold is a dynamic threshold that is automatically adjustable based on a current nature of use of the computer system.
  - 14. The system of claim 13, wherein the current nature of the use of the computer system is automatically determined periodically.
  - 15. The system of claim 13, wherein the current nature of the use of the computer system is automatically determined based on events indicative of a level of utilization of computing resources.

16. In a computing device comprising a plurality of computing resources and an operating system interfaced with the computing resources, a method for dynamically managing utilization of computing capacity by an antivirus application, the method comprising:
- storing, by the computing device, a plurality of distinct security modules that cause the computing device to provide a corresponding security-related functionality based on one or more adjustable operational parameters, wherein adjustment of the one or more adjustable operational parameters for each of the security modules affects allocation of available computing capacity needed to execute the security-related functionality of that security module;
  
  obtaining, by the computing device, an identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality;
  
  determining, by the computing device, a current state of authorization granted to the antivirus application to access each of the plurality of computing resources via the operating system;
  
  comparing, by the computing device, the current state of authorization with the identification of the computing resources required by at least one of the security modules to produce a comparison result; and
  
  automatically adjusting, by the computing device, the one or more adjustable operational parameters for the at least one of the security modules based on the comparison result such that, in response to a determination that the current state of authorization is insufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality, the one or more operational parameters of the at least one of the security modules are adjusted to disable the corresponding functionality and to thereby de-allocate a portion of the computing capacity needed to execute that corresponding functionality.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The method of claim 16, wherein the identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality indicates the computing resources needed for a predefined minimal essential functionality of each of the security modules.
  - 18. The method of claim 16, wherein the identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality indicates the computing resources needed for certain specified individual functions of certain security modules having multiple functions.
  - 19. The method of claim 16, wherein the identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality indicates the computing resources needed for full functionality of each of the security modules.
  - 20. The method of claim 16, wherein the automatically adjusting of the one or more operational parameters includes enabling and disabling entire security modules.
  - 21. The method of claim 16, wherein the automatically adjusting of the one or more operational parameters includes enabling and disabling certain portions of the security modules to individually control certain functions of the security modules.
  - 22. The method of claim 16, further comprising:
    - automatically adjusting the one or more adjustable operational parameters for at least one of the security modules based on the comparison result such that, in response to a determination that the current state of authorization is sufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality, the one or more operational parameters of the at least one of the security modules are adjusted to enable the corresponding functionality and to thereby allocate a portion of the computing capacity needed to execute that corresponding functionality.
  - 23. The method of claim 16, wherein said at least one of the security modules that are subject to adjustment of operational parameters by the dynamic adaptation module include only a subset of all of the security modules present in the antivirus application, wherein the subset includes selected security modules that have relatively higher resource requirements for their operation than the security modules not included in the subset.
  - 24. The method of claim 16, further comprising:
    - automatically collecting, by the computing device, information indicative of a current operational load of the computing device; and
      
      adjusting the one or more operational parameters only in response to the current operational load being above a workload threshold.
  - 25. The method of claim 24, further comprising dynamically adjusting the workload threshold based on a current nature of use of the computer system.

26. In a computing device comprising a plurality of computing resources and an operating system interfaced with the computing resources, a system for dynamically managing utilization of computing capacity by an antivirus application, the system comprising:
- means for storing a plurality of distinct security modules that cause the computing device to provide a corresponding security-related functionality based on one or more adjustable operational parameters, wherein adjustment of the one or more adjustable operational parameters for each of the security modules affects allocation of available computing capacity needed to execute the security-related functionality of that security module;
  
  means for obtaining an identification of the computing resources required by each of the security modules to perform certain corresponding security-related functionality;
  
  means for determining by the computing device a current state of authorization granted to the antivirus application to access each of the plurality of computing resources via the operating system;
  
  means for comparing by the computing device the current state of authorization with the identification of the computing resources required by at least one of the security modules to produce a comparison result; and
  
  means for adjusting the one or more adjustable operational parameters for the at least one of the security modules based on the comparison result such that, in response to a determination that the current state of authorization is insufficient for the antivirus application to access certain ones of the computing resources required by the at least one of the security modules to perform its corresponding functionality, the one or more operational parameters of the at least one of the security modules are adjusted to disable the corresponding functionality and to thereby de-allocate a portion of the computing capacity needed to execute that corresponding functionality.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lab A.O. Kaspersky
Original Assignee
Kaspersky Lab ZAO
Inventors
Yablokov, Victor V.
Primary Examiner(s)
EDWARDS, LINGLAN E

Application Number

US13/717,332
Publication Number

US 20130247202A1
Time in Patent Office

393 Days
Field of Search

726/1, 726/24, 718/104, 718/105
US Class Current

726/22
CPC Class Codes

G06F 21/56 Computer malware detection ...

G06F 21/561 Virus type analysis

Dynamic management of resource utilization by an antivirus application

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic management of resource utilization by an antivirus application

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links