Device and method for providing SOC-based anti-malware service, and interface method

US 8,973,130 B2
Filed: 07/21/2011
Issued: 03/03/2015
Est. Priority Date: 07/21/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A mobile device comprising:

a system-on-chip (SOC) comprising an anti-malware system and a firewall (FW) application executed by the SOC, wherein the SOC filters packet data and the FW application receives the data filtered by the SOC;

a storage unit which stores a library which is a collection of operations provided for use in the SOC providing the anti-malware system; and

a scanning data sender which runs on an operating system that is external to the SOC and is executed by the mobile device, forms SOC transmission data with scanning data to be scanned for viruses by calling at least one of the operations, and transmits the SOC transmission data to the SOC from a location external to the SOC; and

a sender, wherein the SOC stores a pattern rule DB and the sender transmits, to the SOC, data for updating the pattern rule DB stored in the SOC,wherein the operations relate to at least one of virus scanning, packet data filtering, virus pattern database (DB) updating, rule pattern DB updating, encrypting and decrypting, and hash value calculating, which are performed in the SOC,wherein the scanning data sender forms the SOC transmission data to comprise an item indicating a type of the anti-malware system, the scanning data, and a command to scan, andwherein the SOC comprises a malware manager which determines what type of the anti-malware system is related to the SOC transmission data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device in which a system-on-chip (SOC) providing an anti-malware service is mounted and a method of performing the anti-malware service are provided. The device includes: a storage unit which stores a function library which is a collection of operations provided for use in the SOC providing the anti-malware service; and a scanning data sender which forms SOC transmission data with data to be scanned for viruses by calling at least one of the operations, and transmits the SOC transmission data to the SOC. Accordingly, a mobile device scans files for viruses and filters packets at a high speed.

34 Citations

View as Search Results

20 Claims

1. A mobile device comprising:
- a system-on-chip (SOC) comprising an anti-malware system and a firewall (FW) application executed by the SOC, wherein the SOC filters packet data and the FW application receives the data filtered by the SOC;
  
  a storage unit which stores a library which is a collection of operations provided for use in the SOC providing the anti-malware system; and
  
  a scanning data sender which runs on an operating system that is external to the SOC and is executed by the mobile device, forms SOC transmission data with scanning data to be scanned for viruses by calling at least one of the operations, and transmits the SOC transmission data to the SOC from a location external to the SOC; and
  
  a sender, wherein the SOC stores a pattern rule DB and the sender transmits, to the SOC, data for updating the pattern rule DB stored in the SOC,wherein the operations relate to at least one of virus scanning, packet data filtering, virus pattern database (DB) updating, rule pattern DB updating, encrypting and decrypting, and hash value calculating, which are performed in the SOC,wherein the scanning data sender forms the SOC transmission data to comprise an item indicating a type of the anti-malware system, the scanning data, and a command to scan, andwherein the SOC comprises a malware manager which determines what type of the anti-malware system is related to the SOC transmission data.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The mobile device as claimed in claim 1, further comprises:
    - a communication interface unit which operates the SOC using the library; and
      
      a protocol unit which exchanges an operating command and an operation with the SOC through the communication interface unit.
  - 3. The mobile device as claimed in claim 1, wherein the scanning data sender forms the SOC transmission data to comprise the scanning data and the command to scan.
  - 4. The mobile device as claimed in claim 1, wherein the SOC stores a malware pattern DB which is used for scanning the scanning data.
  - 5. The mobile device as claimed in claim 4, further comprising a sender which transmits data for updating the malware pattern DB stored in the SOC to the SOC.
  - 6. The mobile device as claimed in claim 1, further comprising a message receiver which is notified by the SOC of a result of scanning the scanning data.

7. A method of providing a system-on-chip (SOC)-based anti-malware service of a mobile device, the method comprising:
- forming, by the mobile device, SOC transmission data comprising a command and an item indicating a type of the anti-malware service; and
  
  transmitting, by a scanning data sender on the mobile device which runs on an operating system that is external to the SOC and is executed by the mobile device, the SOC transmission data to an SOC mounted in the mobile device, from a location external to the SOC,wherein the SOC performs a virus scanning operation or a packet filtering operation according to the command included in the SOC transmission data,wherein the SOC determines whether the anti-malware service relates to the packet filtering operation or the virus scanning operation by referring to the item of the SOC transmission data indicating the type of the anti-malware service,wherein the SOC stores a rule pattern DB for the packet filtering operation and a virus pattern DB for the virus scanning operation,wherein the SOC transmission data comprising the command and the item indicating the type of the anti-malware service is at least one of;
  
  first SOC transmission data comprising virus scanning data and a first command to scan;
  
  second SOC transmission data comprising a virus pattern DB for updating and a second command to update a virus pattern DB; and
  
  third SOC transmission data comprising a filtering rule list for updating and a third command to update a rule pattern DB, andwherein the second SOC transmission data further comprises a hash coefficient which is generated based on the virus pattern DB pre-stored in the SOC and the virus pattern DB for updating.
- View Dependent Claims (8, 9, 10, 11, 19)
- - 8. The method as claimed in claim 7, wherein the SOC simultaneously performs the packet filtering operation and the virus scanning operation with respect to data to be filtered.
  - 9. The method as claimed in claim 7, further comprising dividing, by the mobile device, scanning data by a predetermined size,wherein the first SOC transmission data comprises the divided scanning data.
  - 10. The method as claimed in claim 7, wherein the mobile device stores a library which is a collection of operations for use in the SOC and forms the SOC transmission data by calling at least one of the operations.
  - 11. The method as claimed in claim 10, wherein the operations relate at least one of virus scanning, packet data filtering, virus pattern DB updating, and rule pattern DB updating, which are performed in the SOC.
  - 19. A non-transitory computer readable recording medium having recorded thereon a program executable by a computer for performing the method of claim 7.

12. A method of providing a system-on-chip (SOC)-based anti-malware service, the method comprising:
- storing a library which is a collection of operations for use in a SOC in a mobile device in which the SOC is mounted;
  
  forming, by the mobile device, SOC transmission data with scanning data to be scanned for viruses by calling at least one of the operations included in the library; and
  
  transmitting, by a scanning data sender on the mobile device which runs on an operating system that is external to the SOC and is executed by the mobile device, the SOC transmission data for the scanning data to the SOC, from a location external to the SOC,wherein the operations relate to at least one of virus scanning, packet data filtering, virus pattern DB updating, and rule pattern DB updating, which are performed in the SOC,wherein the SOC determines whether the anti-malware service relates to the packet filtering operation or the virus scanning operation by referring to an item of the SOC transmission data indicating a type of the anti-malware service,wherein the SOC stores a rule pattern DB for the packet filtering operation and a virus pattern DB for the virus scanning operation,wherein the SOC transmission data comprising a command and the item indicating the type of the anti-malware service is at least one of;
  
  first SOC transmission data comprising virus scanning data and a first command to scan;
  
  second SOC transmission data comprising a virus pattern DB for updating and a second command to update a virus pattern DB; and
  
  third SOC transmission data comprising a filtering rule list for updating and a third command to update a rule pattern DB, andwherein the second SOC transmission data further comprises a hash coefficient which is generated based on the virus pattern DB pre-stored in the SOC and the virus pattern DB for updating.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 20)
- - 13. The method as claimed in claim 12, further comprising dividing, by the mobile device, the scanning data by a predetermined size,wherein the transmitting comprises transmitting the divided scanning data to the SOC in sequence.
  - 14. The method as claimed in claim 12, further comprising receiving, by the SOC, the virus pattern DB used for the virus scanning operation from the mobile device and storing the virus pattern DB,wherein the SOC performs the virus scanning operation using the virus pattern DB.
  - 15. The method as claimed in claim 14, further comprising;
    - forming, by the mobile device, SOC transmission data with the virus pattern DB for updating by calling at least one of the operations included in the library;
      
      transmitting, by the mobile device, the SOC transmission data for the virus pattern DB for updating to the SOC; and
      
      updating, by the SOC, a pre-stored virus pattern DB with the virus pattern DB included in the SOC transmission data for the virus pattern DB for updating.
  - 16. The method as claimed in claim 12, further comprising performing, by the SOC, a filtering operation with respect to packet data,wherein the formed SOC transmission data for the scanning data comprises the item indicating the type of the anti-malware service, the first command to scan, and the scanning data.
  - 17. The method as claimed in claim 16, further comprising receiving, by the SOC, the filtering rule list from the mobile device, converting the filtering rule list into the rule pattern DB of a predefined format, and storing the rule pattern DB,wherein the SOC performs the filtering operation with respect to the rule pattern DB.
  - 18. The method as claimed in claim 16, further comprising forming, by the mobile device, SOC transmission data for a rule list defining the filtering operation by calling at least one of the operations included in the library, and transmitting the SOC transmission data to the SOC.
  - 20. A non-transitory computer readable recording medium having recorded thereon a program executable by a computer for performing the method of claim 12.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung SDS (China) Co., Ltd. (Samsung Group)
Original Assignee
Samsung SDS (China) Co., Ltd. (Samsung Group)
Inventors
Yoo, InSeon
Primary Examiner(s)
Lagor, Alexander

Application Number

US13/187,977
Publication Number

US 20120023584A1
Time in Patent Office

1,321 Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/564   by virus signature recognition

G06F 21/567   using dedicated hardware

H04L 63/14   for detecting or protecting...

H04L 63/145   the attack involving the pr...

Device and method for providing SOC-based anti-malware service, and interface method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Device and method for providing SOC-based anti-malware service, and interface method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links