System and method for firmware based anti-malware security
First Claim
Patent Images
1. A system for securing an electronic device, comprising:
- one or more operating systems;
a non-volatile memory;
a processor coupled to the non-volatile memory;
a resource of the electronic device;
firmware residing in the non-volatile memory and executed by the processor, the firmware communicatively coupled to the resource of an electronic device; and
a firmware security agent residing in the firmware, the firmware security agent configured to, at a higher priority than all of the operating systems of the electronic device accessing the resource;
intercept a request from one of the operating systems for the resource resident on the electronic device; and
determine whether the request is indicative of malware.
10 Assignments
0 Petitions
Accused Products
Abstract
A system for securing an electronic device includes a non-volatile memory, a processor coupled to the non-volatile memory, a resource of the electronic device, firmware residing in the non-volatile memory and executed by the processor, and a firmware security agent residing in the firmware. The firmware is communicatively coupled to the resource of an electronic device. The firmware security agent is configured to, at a level below all of the operating systems of the electronic device accessing the resource, intercept a request for the resource and determine whether the request is indicative of malware.
173 Citations
53 Claims
-
1. A system for securing an electronic device, comprising:
-
one or more operating systems; a non-volatile memory; a processor coupled to the non-volatile memory; a resource of the electronic device; firmware residing in the non-volatile memory and executed by the processor, the firmware communicatively coupled to the resource of an electronic device; and a firmware security agent residing in the firmware, the firmware security agent configured to, at a higher priority than all of the operating systems of the electronic device accessing the resource; intercept a request from one of the operating systems for the resource resident on the electronic device; and determine whether the request is indicative of malware. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 53)
-
-
19. A method for securing an electronic device, comprising:
-
in firmware communicatively coupled to a resource, the resource coupled to the electronic device and the firmware residing in a non-volatile memory at a higher priority than all of one or more operating systems of the electronic device; intercepting a request from one of the operating systems for the resource resident on the electronic device; consulting one or more security rules; and based on the one or more security rules, determining whether the request is indicative of malware. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. An article of manufacture comprising:
-
a non-transitory computer readable medium; and computer-executable instructions carried on the computer readable medium, the instructions readable by a processor, the instructions, when read and executed, for causing the processor to; in firmware communicatively coupled to a resource, the resource attached to the electronic device and the firmware residing in a non-volatile memory at a higher priority than all of one or more operating systems of the electronic device; intercept a request from one of the operating systems for the resource attached to the electronic device; consult one or more security rules; and based on the one or more security rules, determine whether the request is indicative of malware. - View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
-
Specification