Particularly effective against rootkits and bootkits

Feb 15, 2010 15:41 GMT  ·  By

Kaspersky Lab, one of the leading security software vendors in the world, has patented a hardware-based antivirus solution in the United States. The device is supposed to scan all data passed from the hard disk to the CPU and RAM, blocking any malicious code it detects.

The hardware antivirus device covered by patent number 7657941 is the brainchild of Oleg Zaitsev, Kaspersky Lab's senior technology expert. A Moscow Energy Institute graduate, Zaitsev joined the Russian security company in 2007 as a developer in its Complex Threat Analysis Group.

The system is described as particularly effective at blocking rootkits and bootkits, complex threats that inject themselves into low-level system components. These types of malware have so far proven difficult to detect and remove, even for otherwise capable software antivirus products.

In order to intercept and scan all data passed from the hard disk to RAM and the CPU, the device can be connected to the system bus or integrated into the disk controller. Its database of malware signatures can be updated in a secure manner. In a press release, the vendor mentions a control utility that allows for user interaction, but does not specify whether this is a software application or another hardware component.

In terms of integration into existing setups, the device is described as very flexible and as requiring no additional hardware resources. It comes with its own CPU and RAM and even supports a separate dedicated power supply. In addition to functioning as a standalone solution, the device can work together with other antivirus software.
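To make the data-path idea concrete, here is a small added simulation of an inline disk-to-memory scanner. It is illustrative code written for this article, not Kaspersky's patented design or any product code; the signature database, sector contents and the `InlineScanner` class are all constructed for the demonstration. It shows the one detail such a filter has to get right that the press release does not mention: a signature split across two sectors must still be caught, so the scanner keeps a short tail of the previous sector. The secure signature-update channel and the control utility are not modelled.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple
import hashlib

SECTOR = 512

# Constructed signature database (name -> byte pattern). These are placeholder
# markers for the demonstration, not real malware signatures.
SIGNATURES: Dict[str, bytes] = {
    "demo-bootkit-marker": b"EVIL_BOOTKIT",
    "demo-rootkit-marker": b"HIDE_PROCESS\x00",
}


@dataclass
class InlineScanner:
    """Hypothetical filter on the disk -> RAM path: every sector is inspected
    before it is delivered, and a matching sector is dropped, not forwarded."""
    signatures: Dict[str, bytes]
    # (lba, signature name, absolute disk offset of match, sha256 of the sector)
    blocked: List[Tuple[int, str, int, str]] = field(default_factory=list)
    _carry: bytes = b""  # tail of the previous sector, for boundary-spanning matches

    @property
    def _overlap(self) -> int:
        # Enough trailing bytes to catch a pattern split across two sectors.
        return max(len(p) for p in self.signatures.values()) - 1

    def read(self, lba: int, data: bytes) -> Optional[bytes]:
        """Return the sector if clean, or None (blocked) if a signature matches."""
        window = self._carry + data
        verdict: Optional[bytes] = data
        for name, pattern in self.signatures.items():
            idx = window.find(pattern)
            if idx != -1:
                # Absolute disk offset of the match; it may lie in the previous sector.
                offset = lba * SECTOR + idx - len(self._carry)
                self.blocked.append((lba, name, offset, hashlib.sha256(data).hexdigest()))
                verdict = None
                break
        self._carry = window[-self._overlap:] if self._overlap else b""
        return verdict


def build_demo_disk() -> List[bytes]:
    """Constructed 4-sector disk image. Sector 0 mimics a boot sector with a
    planted marker; the rootkit marker is split across sectors 1 and 2."""
    mbr = bytearray(SECTOR)
    mbr[0:12] = b"EVIL_BOOTKIT"
    mbr[510:512] = b"\x55\xaa"          # boot-sector signature bytes
    s1 = bytearray(b"A" * SECTOR)
    s1[-5:] = b"HIDE_"                  # first half of the marker
    s2 = bytearray(b"B" * SECTOR)
    s2[:8] = b"PROCESS\x00"             # second half of the marker
    s3 = bytes(SECTOR)                  # benign, all zeros
    return [bytes(mbr), bytes(s1), bytes(s2), s3]


def simulate_boot_read(disk: List[bytes], scanner: InlineScanner) -> List[bool]:
    """Read the disk sector by sector through the scanner; True means the
    sector reached memory, False means the scanner blocked it."""
    return [scanner.read(lba, sector) is not None for lba, sector in enumerate(disk)]


if __name__ == "__main__":
    scanner = InlineScanner(SIGNATURES)
    delivered = simulate_boot_read(build_demo_disk(), scanner)
    print("delivered per sector:", delivered)
    for lba, name, offset, digest in scanner.blocked:
        print(f"blocked LBA {lba}: {name} at disk offset {offset} (sha256 {digest[:16]}...)")
```

Because the scanner sits in front of memory rather than inside the operating system, the blocked sector never reaches RAM or the CPU, which is the property the article credits for the rootkit and bootkit resistance; the carry buffer is what keeps that guarantee from being defeated by a pattern that happens to straddle a sector boundary.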

"Antivirus solutions and malware are both types of software with similar rights. This is where a hardware-based antivirus solution has a distinct advantage over conventional AV solutions because it monitors all attempts to access a memory device while remaining inaccessible to malware. This is critical for fighting such sophisticated threats as rootkits and bootkits. Moreover, the hardware antivirus solution integrates seamlessly with other security solutions, as well as with server software and specialized computers, for example ATMs," Mr. Zaitsev explains.