Kaspersky patents hardware-based AV

February 19, 2010 | 11:01

Tags: #anti-virus #av #hardware-anti-virus #rootkit #virus #virus-scanner

Companies: #kaspersky

Security vendor Kaspersky has been granted a patent on a novel hardware-based anti-virus technology designed to sit between a hard drive and motherboard.

According to the company - it's been granted US Patent number 7657941 for "a hardware-based antivirus system that effectively combats rootkits."

As detailed at Neowin, the idea is to install the device between the data storage device (either a hard disk or SSD) and the motherboard in order to read data as it is streamed to and from the disk, and even to block writes to the disk and prevent the permanent storage of detected malicious code. The standalone nature of the device - which can also be made to work in tandem with a more traditional software-based anti-virus - enables it, in Kaspersky's words, to "effectively combat malicious programs that elevate their privileges in the system, e.g., dangerous malware such as rootkits."

While the initial concept is of a physical device, Kaspersky notes that it would make sense if future versions were integrated directly onto either the hard drive or SSD controller or onto the SATA bus itself.

The patent's author, senior technology expert Oleg Zaitsev, describes the concept as offering "a distinct advantage over conventional AV solutions because it monitors all attempts to access a memory device while remaining inaccessible to malware ," and provides for an update mechanism for the virus signatures which is "protected from malicious code and faulty records during updates."

While the concept of a hardware-based anti-virus isn't new, the idea of integrating it so closely inside the PC is - and anyone who looks to get the most out of their system's performance will be pleased with the news that Kaspersky 's device brings its own processor and RAM to the party to keep things nipping along. However, the idea of a completely independent hardware-based anti-virus may worry others - especially if there is no option to disable the technology without removing the device - if it uses the same virus signatures as the company's desktop software.

Do you think that hardware-based anti-virus systems are the future, or does this kind of problem need to be solved at an operating system level by fixing the holes that allow malware in rather than just patching over the cracks with third-party solutions? Share your thoughts over in the forums.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04