The invention relates to systems and methods for protecting computer networks and individual computer systems from malware, and in particular systems and methods that use hardware virtualization technology.
An increasing number of goods and services are currently provided online, through electronic communication networks such as the Internet. Examples of online services include, among others, electronic communications, online banking, e-commerce, audio/video conferencing, and online gaming. Providing such services online is often associated with a risk of data theft and/or loss of privacy for a user.
Malicious software, also known as malware, affects a great number of computer systems and other electronic devices worldwide. In its many forms such as computer viruses, worms, exploits, and rootkits, malware presents a serious risk to millions of computer users, making them vulnerable to loss of data and sensitive information, to identity theft, and to loss of productivity, among others. Malware may attempt to steal private or sensitive information, e.g., by intercepting keyboard inputs corresponding to a user's password or credit card number, by intercepting signals from a audio/video device connected to a user's computer system, or by intercepting communication between the malware-infected computer system and a remote computer system. Moreover, malware may disable software such as firewalls and other network filters configured to prevent the respective computer system from carrying out unauthorized communication with remote parties.
There is considerable interest in developing anti-malware solutions which are robust, scalable, easily and safely deployable, and adapted to any network configuration.