Title of invention: Below-OS Security Solution For Distributed Network Endpoints
Abstract: Described systems and methods allow protecting a client system, such as a computer system or smartphone, from malware. In some embodiments, a network regulator device is used to distribute a bootable image of a hypervisor, on demand, to each of a set of client systems connected to a network. After booting on a client system, the hypervisor loads the local OS and applications into a virtual machine. Integrity measurements of the hypervisor and/or OS are sent to the network regulator for verification. When the network regulator determines that software executing on a client system, such as the hypervisor and/or the OS, are not in a trusted state, the network regulator may block access of the respective client system to the network.
Publication number: US2015271139(A1) Publication date: 2015.09.24
Application number: US201414221158 Filing date: 2014.03.20
Applicant: Bitdefender IPR Management Ltd. Inventors: LUKACS Sandor; COLESA Adrian V.
Classification: H04L29/06; G06F9/44 Main classification: H04L29/06
Agency: Agent:
Main claim: 1. A network regulator comprising at least one processor configured to execute a client boot agent and a network filter connected to the boot agent, wherein: the client boot agent is configured to transmit a hypervisor image to a client system, in response to receiving a boot request from a client system over a network, wherein executing the hypervisor image on a processor of the client system causes the client system to launch a hypervisor configured to: expose a client virtual machine (VM) on the client system, the client VM controlled by the hypervisor, and load an operating system into the client VM, the operating system loaded from a local storage device of the client system; and wherein the network filter is configured to: determine whether the hypervisor is in a trusted state according to a hypervisor integrity measurement received from the client system, the hypervisor integrity measurement characterizing the integrity of the hypervisor; and in response to determining whether the hypervisor is in the trusted state: allow electronic communications from the client system to a recipient system when the hypervisor is in the trusted state, the recipient system being connected to the network regulator over the network, and block electronic communications from the client system to the recipient system when the hypervisor is not in the trusted state.
Address: Nicosia CY