Virtual-machine-technology-based data security input and submission method and system

Abstract

The invention relates to a virtual-machine-technology-based data security input and submission method and a virtual-machine-technology-based data security input and submission system. The system isolates a user input management programs and a user operating system into different hardware resource spaces by a virtual machine monitor (VMM), so that a user can securely input and submit data to a server in an environment inaccessible for Trojans without worrying that the data may be intercepted by the Trojans, and even though being intercepted, the intercepted data is encrypted. In other words, by the method and the system, a universal software solution is provided for the prevention of number stealing of the Trojans.

Description

technical field [0001] The present invention generally relates to methods of securely entering and submitting data in network transactions. More specifically, the present invention relates to a method and a system for enhancing the security of network identity authentication by inputting an account password on a computer. Background technique [0002] With the popularization of Internet applications, virtualization of real life is the main feature and trend at present. The protection of information security, personal privacy, and virtual property is particularly important. The most common protection method is passwords, but passwords provide us with the necessary security. At the same time, it also brings a lot of trouble. If the password is stolen, our important information and personal privacy may be leaked, and virtual property, business secrets, and deposit funds may be stolen. [0003] At present, the theft of network passwords is becoming more and more serious. Accord...

AI Technical Summary

Problems solved by technology

[0009] 3. Memory scanning and interception: After the hacking Trojan horse virus runs, it detects the process of all programs in the system through Hook technology, and monitors the calls of related APIs. The hacking Trojan horse hacking software can intercept specific handles, windows or keywords For events such as disk, mouse, copy, and paste in Windows, or directly read the unencrypted account password of the process, or intercept other API function call events, this Trojan horse has a strong concealment, and currently there is no such Trojan in Windows very effective means of prevention

[0010] 4. Phishing: Phishing attacks, malicious websites disguised as homepages of well-known companies, using domain name similarity and address spoofing loopholes in IE browsers, tricking netizens into entering account numbers and passwords, and planting Trojan horse viruses through malicious scripts to lure more Users visit the website to cause infection, and cyber crooks use these fake websites to steal account numbers and passwords of login users, causing huge losses to relevant departments and industries, making people question the safety of online transactions, and seriously hindering The development of e-commerce industry

[0012] 1. Anti-virus software: For known harmful account-stealing programs such as Trojan horse viruses, anti-virus software uses virus signature filtering and other technologies, including special Trojan horse killing software, which are similar in design principles and technical ideas. For new account-stealing Trojan horses For software malicious programs, the success rate of antivirus software is about 20%. At present, antivirus software companies are also exploring new technologies and methods, but they have not made substantial breakthroughs; in fact, publishers of account hacking Trojan horses usually use mainstream Anti-virus software and Trojan horse anti-virus software to scan, confirm that these Trojan horse anti-virus software cannot be recognized before publishing

[0013] 2. Firewall: Adopt application program + port detection and control technologies. Some firewalls have feature code filtering technology. For example, sensitive characters set for account passwords are prohibited from being sent and transmitted. Use normal ports such as 80 to send, or directly use IE to send, the firewall is powerless;

[0014] 3. Dynamic password card: Different passwords are used for each transaction, and Trojan horses can not continue to use the password after successfully stealing the password. However, the issuance cost and cost of dynamic password cards are high, and they are currently only used in some bank websites;

[0015] 4. Telephone and SMS authentication, this method is expensive and not widely used;

[0016] 5. USB-Key certificate, hardware secret treasure, this method is relatively safe and highly targeted, and is limited to the service provider's own website or game

And this new architecture cannot be the way of hardware+Windows+Windows software. As we all know, in the Windows architecture, Windows is the direct controller of the hardware, and Windows has opened up the development interface of the kernel-level driver, so that third parties can build on Windows. If the task of this driver is to steal keys and certificates, theoretically we cannot use another software to completely prevent it in Windows

Images