Method/system to speed up antivirus scans using a journal file system
US7540027B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 23, 2005 |
| Grant date | May 26, 2009 |
| Priority date | — |
| Expiry date | Oct 3, 2027 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/562
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method and system that reduces the length of time required to complete antivirus scans. An enhanced journal file system (JFS) includes an antivirus utility function, which utilizes a low level log of the JFS to store a history of transactions that occur since a previous scan operation. The log is immune from normal purge operations by the JFS and cannot be circumvented without driver level access. Thus, a virus that changes the timestamp on the file or otherwise attempts to hide its viral activity does not affect the log. When the antivirus scanning utility initiates an antivirus scan of the system, the antivirus scanning utility obtains the history since the last scan from the persistent log. The antivirus scanning utility “replays” the log and carries out the antivirus scan on all files, directories, etc. associated with any transactions that occurred since the last scan.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.