Kaspersky & Hardware Based Anti-Virus


This is pretty interesting…Kaspersky have received a patent for Hardware based Anti-Virus!

The idea behind this is that it will:

“neutralize the most widespread type of threat – malicious programs that store themselves or infect files on a computer’s hard drive”

by scanning data that is written to the disk. Kaspersky’s news article gives a good insight into how it works:

“The patented device is installed between a drive (hard drive or SSD) and the computing unit (CPU and RAM) and is connected to the system bus or integrated into the disk controller. The hardware antivirus solution allows or blocks writing data to disk, providing threat alerts and information about its operation to the user (user dialog is possible if the hardware antivirus control utility is installed on the PC)”

Interestingly, it can work on it’s own or in conjunction with existing AV software. One area where Kaspersky expect it to be especially effective is against rootkits, which can often prevent AV software from even running. As Kaspersky Technology Expert Oleg Zaitsec says:

“solution has a distinct advantage over conventional AV solutions because it monitors all attempts to access a memory device while remaining inaccessible to malware. This is critical for fighting such sophisticated threats as rootkits and bootkits”

Resources

People often complain that Anti virus software uses a lot of system resources such as CPU and RAM, so putting more hardware in there is going to be even worse…right? Wrong…Kaspersky have given the unit it’s own CPU & RAM to prevent this, in fact you can even attach a separate power supply.

Uses

This will probably be most popular in non-desktop machines including servers and, as Kaspersky say, ATM’s etc.

You can see the Kaspersky announcement here and the Neowin article that alerted me to this here.