公开(公告)号：US20180137278A1

公开(公告)日：2018-05-17

申请号：US15852320

申请日：2017-12-22

Applicant: Gigavation, Inc.

Inventor： Gita Srivastava ,  Piyush B. Srivastava

IPC: G06F21/55 ,  G06F21/85 ,  G06F21/60

Abstract: A method of enhancing security of at least one of a host computing device and a peripheral device coupled to the host computing device through a communication interface. Data is transparently received from the peripheral device or the host computing device, and the received data is stored. The stored data is analyzed to detect a circumstance associated with a security risk. If such a circumstance is not detected, then the data is transparently forwarded to the other of the peripheral device or the host. However, if a circumstance associated with a security risk is detected, then a security process, defined by a rule, is performed. Related apparatus are provided, as well as other methods and apparatus.

公开(公告)号：US10678913B2

公开(公告)日：2020-06-09

申请号：US15852320

申请日：2017-12-22

Applicant: Gigavation, Inc.

Inventor： Gita Srivastava ,  Piyush B. Srivastava

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/60 ,  G06F21/85

Abstract: A method of enhancing security of at least one of a host computing device and a peripheral device coupled to the host computing device through a communication interface. Data is transparently received from the peripheral device or the host computing device, and the received data is stored. The stored data is analyzed to detect a circumstance associated with a security risk. If such a circumstance is not detected, then the data is transparently forwarded to the other of the peripheral device or the host. However, if a circumstance associated with a security risk is detected, then a security process, defined by a rule, is performed. Related apparatus are provided, as well as other methods and apparatus.

公开(公告)号：US09875354B1

公开(公告)日：2018-01-23

申请号：US14488327

申请日：2014-09-17

Applicant: Gigavation, Inc.

Inventor： Gita Srivastava ,  Piyush B. Srivastava

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/60 ,  G06F21/85

CPC classification number: G06F21/554 ,  G06F21/606 ,  G06F21/85

Abstract: A method of enhancing security of at least one of a host computing device and a peripheral device coupled to the host computing device through a communication interface. Data is transparently received from the peripheral device or the host computing device, and the received data is stored. The stored data is analyzed to detect a circumstance associated with a security risk. If such a circumstance is not detected, then the data is transparently forwarded to the other of the peripheral device or the host. However, if a circumstance associated with a security risk is detected, then a security process, defined by a rule, is performed. Related apparatus are provided, as well as other methods and apparatus.

公开(公告)号：US20160306966A1

公开(公告)日：2016-10-20

申请号：US15099160

申请日：2016-04-14

Applicant: Gigavation, Inc.

Inventor： Gita Srivastava ,  Piyush B. Srivastava

IPC: G06F21/55 ,  G06F21/31 ,  H04L9/32 ,  H04L29/06 ,  H04L9/30

CPC classification number: G06F21/554 ,  G06F9/4555 ,  G06F21/31 ,  G06F21/53 ,  G06F2009/45587 ,  G06F2221/034 ,  G06F2221/2141 ,  H04L9/30 ,  H04L9/32 ,  H04L63/0435 ,  H04L63/08

Abstract: A computer-implemented method and computer program product for protecting a computer-driven system from a security threat. The computer-driven system includes a processor host running an operating system in a virtualized environment in communication over a network with a plurality of electronic devices. A set of protocols governs communications over the network between the processor and the devices. The method includes receiving a driver call made to a specific driver, the driver call being generated by the operating system in response to a system call made by an application as well as interrupting transmission of the driver call to the specific driver; and performing a series of paravirtualization processes. The paravirtualization processes include: translating the driver call into a hyper call; analyzing the hyper call according to a set of security rules to determine if a security threat exists; if the analyzing does not determine that a security threat exists, then transmitting the hyper call to the specific driver; and if the analyzing determines that a security threat exists, then performing a security process.

Abstract translation: 一种用于保护计算机驱动系统免受安全威胁的计算机实现的方法和计算机程序产品。 计算机驱动系统包括处理器主机，其在虚拟化环境中运行操作系统，通过网络与多个电子设备进行通信。 一组协议控制处理器和设备之间的网络通信。 所述方法包括接收对特定驱动器的驱动程序调用，所述驾驶员调用是由所述操作系统响应于由应用程序进行的系统调用而产生的，以及中断对所述特定驱动程序的所述驾驶员呼叫的传输; 并执行一系列半虚拟化过程。 半虚拟化过程包括：将驱动程序调用转换为超级调用; 根据一组安全规则分析超级呼叫，以确定是否存在安全威胁; 如果分析没有确定存在安全威胁，则将超级呼叫发送到特定的驱动程序; 并且如果分析确定存在安全威胁，则执行安全过程。