A computer-implemented method and computer program product for protecting a computer-driven system from a security threat. The computer-driven system includes a processor host running an operating system in a virtualized environment in communication over a network with a plurality of electronic devices. A set of protocols governs communications over the network between the processor and the devices. The method includes receiving a driver call made to a specific driver, the driver call being generated by the operating system in response to a system call made by an application as well as interrupting transmission of the driver call to the specific driver; and performing a series of paravirtualization processes. The paravirtualization processes include: translating the driver call into a hyper call; analyzing the hyper call according to a set of security rules to determine if a security threat exists; if the analyzing does not determine that a security threat exists, then transmitting the hyper call to the specific driver; and if the analyzing determines that a security threat exists, then performing a security process.
展开▼
