POST (power-on-self-test) debugging method and apparatuses using the same
US-9465707-B2 · Oct 11, 2016 · US
Method for Detecting a Unified Extensible Firmware Interface Protocol Reload Attack and System Therefor
US2016253501A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016253501-A1 |
| Application number | US-201514632429-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 26, 2015 |
| Priority date | Feb 26, 2015 |
| Publication date | Sep 1, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
An installation notification routine is initialized at a driver, the routine maintaining a count of installation notifications corresponding to a first global unique identifier (GUID) received at the driver. The driver registers for protocol installation notification corresponding to the first GUID. Malicious activity is identified in response to receiving more than one installation notification at the installation notification routine.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method comprising: initializing an installation notification routine at a driver at a data processing device, the routine maintaining a count of installation notifications corresponding to a first global unique identifier (GUID) received at the driver; registering for protocol installation notification during initialization of the driver, the protocol corresponding to the first GUID; and identifying malicious activity in response to receiving more than one installation notification at the installation notification routine. 2 . The method of claim 1 , further comprising installing a protocol corresponding to the first GUID. 3 . The method of claim 2 , further comprising reloading the protocol in response to the identifying. 4 . The method of claim 2 , further comprising receiving a first installation notification in response to installing the protocol. 5 . The method of claim 2 , further comprising receiving a second installation notification in response to installing the protocol. 6 . The method of claim 1 , wherein initializing the installation notification routine further comprises initializing the count to zero, and incrementing the count in response to receiving each protocol installation notification corresponding to the first GUID. 7 . The method of claim 1 , further comprising generating an inquiry to determine whether a protocol associated with the first GUID is installed. 8 . The method of claim 1 , further comprising halting a boot sequence at an information handling system in response to the identifying. 9 . An information handling system comprising: a processor; and a memory device for storing instructions, the instructions to: initialize an installation notification routine at a driver, the routine maintaining a count of installation notifications corresponding to a first global unique identifier (GUID) received at the driver; register for protocol installation notification during initialization of the driver, the protocol corresponding to the first GUID; and identify malicious activity in response to receiving more than one installation notification at the installation notification routine. 10 . The system of claim 9 , further comprising instructions to install a protocol corresponding to the first GUID. 11 . The system of claim 10 , further comprising instructions to reload the protocol in response to the identifying. 12 . The system of claim 10 , further comprising instructions to receive a first installation notification in response to installing the protocol. 13 . The system of claim 10 , further comprising instructions to receive a second installation notification in response to installing the protocol. 14 . The system of claim 9 , wherein initializing the installation notification routine further comprises initializing the count to zero, and incrementing the count in response to receiving each protocol installation notification corresponding to the first GUID. 15 . The system of claim 9 , further comprising instructions to generate an inquiry to determine whether a protocol associated with the first GUID is installed. 16 . The system of claim 9 , further comprising instructions to halt a boot sequence at the information handling system in response to the identifying. 17 . A non-transitory data storage medium storing instructions executable by a processor to cause the processor to: initialize an installation notification routine at a driver, the routine maintaining a count of installation notifications corresponding to a first global unique identifier (GUID) received at the driver; register for protocol installation notification during initialization of the driver, the protocol corresponding to the first GUID; and identify malicious activity in response to receiving more than one installation notification at the installation notification routine. 18 . The storage medium of claim 17 , further comprising instructions to install a protocol corresponding to the first GUID. 19 . The storage medium of claim 18 , further comprising instructions to receive a first installation notification in response to installing the protocol. 20 . The storage medium of claim 17 , further comprising instructions to halt a boot sequence at the information handling system in response to the identifying.
Assignees
Inventors
Classifications
Installation · CPC title
Secure boot · CPC title
Configuring for operating with peripheral devices; Loading of device drivers · CPC title
- G06F21/566Primary
Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities · CPC title
Test or assess a computer or a system · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016253501A1 cover?
- An installation notification routine is initialized at a driver, the routine maintaining a count of installation notifications corresponding to a first global unique identifier (GUID) received at the driver. The driver registers for protocol installation notification corresponding to the first GUID. Malicious activity is identified in response to receiving more than one installation notificatio…
- Who is the assignee on this patent?
- Dell Products Lp
- What technology area does this patent fall under?
- Primary CPC classification G06F21/566. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Sep 01 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).