Protection of antivirus daemon in a computer
US10990673B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | May 24, 2019 |
| Grant date | Apr 27, 2021 |
| Priority date | — |
| Expiry date | Oct 30, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method protects a daemon in an operating system of a host computer. The operating system detects that there is an access of a plist file of a daemon by a process in the computer. If so, then it executes a callback function registered for the plist file. The callback function sends to a kernel extension a notification of the attempted access. The kernel extension returns a value to the operating system indicating that the access should be denied. The operating system denies access to the plist file of the daemon by the process. The extension may also notify an application which prompts the user for instruction. The kernel extension also protects itself by executing its exit function when a command is given to unload the extension, and the exit function determines whether or not the command is invoked by an authorized application, such as by checking a flag.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.