Malware detection device
Abstract
An exemplary malware detection device includes a data pathway provided between a first data transfer device and a second data transfer device and a processor attached to the data pathway. A memory accessible by the processor contains at least one malware signature and instructions for controlling the processor to interconnect the first and second data transfer devices, direct at least a portion of a data transfer across the data pathway to the processor for analysis, independently analyze the portion of the data transfer using the malware signature, identify malware contained in the portion of the data transfer, and interrupt the data transfer based on the identification of malware.
18 Claims
1. A device, comprising:
a memory to store instructions; and
a processor to execute the instructions to:
monitor data transmission between a first device and a second device, the data being transmitted via a pathway, and the pathway being a host-controlled peripheral bus, a peer-to-peer bus, or a point-to-point link;
analyze, using one or more malware signatures, the data transmitted between the first device and the second device;
determine, based on the one or more malware signatures, if malware is contained in the data;
interrupt, when malware is contained in the data, transmission of the data between the first device and the second device;
receive, from the first device or the second device, one or more updated malware signatures;
analyze, using the one or more updated malware signatures, subsequent data transmitted between the first device and the second device;
determine, based on the one or more updated malware signatures, if malware is contained in the subsequent data; and
interrupt, when malware is contained in the subsequent data, transmission of the subsequent data between the first device and the second device.
Dependent claims: 2, 3, 4, 5, 6, 14, 15

7. A method, comprising:
monitoring data transmitted between a first device and a second device, the data being transmitted via a pathway, and the pathway being a host-controlled peripheral bus, a peer-to-peer bus, or a point-to-point link;
analyzing, using one or more malware signatures, the data transmitted between the first device and the second device;
determining, based on the one or more malware signatures, if malware is contained in the data;
interrupting, when malware is contained in the data, transmission of the data between the first device and the second device;
receiving, from the first device or the second device, one or more updated malware signatures;
analyzing, using the one or more updated malware signatures, subsequent data transmitted between the first device and the second device;
determining, based on the one or more updated malware signatures, if malware is contained in the subsequent data; and
interrupting, when malware is contained in the subsequent data, transmission of the subsequent data between the first device and the second device.
Dependent claims: 8, 9, 10, 16, 17

11. A non-transitory computer-readable storage medium comprising:
one or more instructions which, when executed by at least one processor, cause the at least one processor to analyze, using the one or more malware signatures, data transmitted between a first device and a second device, the data being transmitted via a pathway, and the pathway being a host-controlled peripheral bus, a peer-to-peer bus, or a point-to-point link;
one or more instructions which, when executed by the at least one processor, cause the at least one processor to determine, based on the one or more malware signatures, if malware is contained in the data;
one or more instructions which, when executed by the at least one processor, cause the at least one processor to interrupt, when malware is contained in the data, transmission of the data between the first device and the second device;
one or more instructions which, when executed by the at least one processor, cause the at least one processor to receive, from the first device or the second device, one or more updated malware signatures;
one or more instructions which, when executed by the at least one processor, cause the at least one processor to analyze, using the one or more updated malware signatures, subsequent data transmitted between the first device and the second device;
one or more instructions which, when executed by the at least one processor, cause the at least one processor to determine, based on the one or more updated malware signatures, if malware is contained in the subsequent data; and
one or more instructions which, when executed by the at least one processor, cause the at least one processor to interrupt, when malware is contained in the subsequent data, transmission of the subsequent data between the first device and the second device.
Dependent claims: 12, 13, 18

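The monitor, analyze, interrupt and signature-update steps recited in the independent claims, sketched as an added example (not code from the patent or its assignee): a byte-pattern scanner sitting between two devices that also catches a signature split across two transfers. Plain byte-string signatures, the 64-byte transfer limit, the sample traffic and every identifier are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>
#define MAX_SIGS    8
#define MAX_SIG_LEN 16
#define MAX_CHUNK   64  /* assumed largest single transfer on the pathway */
struct scanner {  /* hypothetical in-line scanner state; names are illustrative */
    unsigned char sig[MAX_SIGS][MAX_SIG_LEN];
    size_t sig_len[MAX_SIGS], nsigs, tail_len;
    unsigned char tail[MAX_SIG_LEN - 1];  /* last bytes already inspected */
};

/* Signature update: takes effect for data inspected after this call. */
int scanner_add_sig(struct scanner *s, const char *sig, size_t len) {
    if (len == 0 || len > MAX_SIG_LEN || s->nsigs == MAX_SIGS) return -1;
    memcpy(s->sig[s->nsigs], sig, len);
    s->sig_len[s->nsigs++] = len;
    return 0;
}

/* Returns 1 to forward the chunk, 0 to interrupt the transfer. */
int scanner_inspect(struct scanner *s, const char *chunk, size_t n) {
    unsigned char win[MAX_SIG_LEN - 1 + MAX_CHUNK];
    if (n > MAX_CHUNK) return 0;  /* fail closed on an oversize transfer */
    memcpy(win, s->tail, s->tail_len);
    memcpy(win + s->tail_len, chunk, n);
    size_t wlen = s->tail_len + n;
    for (size_t i = 0; i < s->nsigs; i++) {
        size_t len = s->sig_len[i];  /* a match must include a new byte: */
        size_t off = s->tail_len >= len ? s->tail_len - len + 1 : 0;
        for (; off + len <= wlen; off++)
            if (memcmp(win + off, s->sig[i], len) == 0) { s->tail_len = 0; return 0; }
    }
    s->tail_len = wlen < sizeof s->tail ? wlen : sizeof s->tail;
    memcpy(s->tail, win + wlen - s->tail_len, s->tail_len);
    return 1;
}

/* Constructed sample traffic; bit i of the result is set if chunk i passed. */
int demo(void) {
    struct scanner s = {0}; int r = 0;
    const char *c[] = {"hello", "..SAMPLE-", "SIG-A..", "SAMPLE-SIG-B", "ok", "SAMPLE-SIG-B"};
    scanner_add_sig(&s, "SAMPLE-SIG-A", 12);
    for (int i = 0; i < 6; i++) {
        if (i == 4) scanner_add_sig(&s, "SAMPLE-SIG-B", 12);  /* update arrives */
        r |= scanner_inspect(&s, c[i], strlen(c[i])) << i;
    }
    return r;
}
int main(void) { return demo() == 27 ? 0 : 1; }  /* chunks 0, 1, 3, 4 pass */
```

When a signature straddles two transfers, the first of them has already been forwarded by the time the match is seen; a device that must withhold it has to delay up to `MAX_SIG_LEN - 1` bytes before releasing data.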
Specification