Method and device for enhancing user information input security

A technology for user information and security, applied in the field of information security, can solve problems such as increasing network bandwidth, failing to operate normally or downtime, and increasing network traffic so as to achieve the effect of strengthening security

Inactive Publication Date: 2012-03-28
FEITIAN TECHNOLOGIES
View PDF5 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Email bombs, glacier Trojan horses, code red, shock wave virus, worm virus, Sasser, etc., virus samples are constantly changing and refurbished, and their performance characteristics are also strange. Traffic increases network bandwidth, congests the network and paralyzes it, or steals other people's privacy
In particular, the currently popular Internet thief Miracle variant, as well as Trojan horse programs such as KeyLogger, use the means of recording keystroke information to steal bank passwords and illegally obtain other people's funds, causing relatively large losses to poisoned users.
[0003] From the principle of Windows message transmission, the keyboard information (key value and scan code) is first intercepted by the system through the keyboard interrupt program as plain text, and then transmitted to the corresponding application interface or focus window according to the message transmission chain. The running program can intercept the button information through hooks (Hook), etc., and the Trojan horse virus steals important information, such as user account numbers and passwords, by intercepting the button information.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for enhancing user information input security
  • Method and device for enhancing user information input security
  • Method and device for enhancing user information input security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0086] Embodiment 1 of the present invention provides a method for improving the security of user information input. In this embodiment, the information on the message delivery chain consists of data and sending time. For example, the interference information includes the interference data and the sending time of the interference data. The real key information includes the real key data and the sending time of the real key, and the input control distinguishes the interference information from the real key information by sending time, such as figure 2 shown, including:

[0087] S101: The input control receives the input cursor trigger, and starts the timer to start working;

[0088] S102: The timer regularly triggers the input control to generate interference data, the input control forms interference information from the interference data and the sending time of the interference data, and sends the interference information to the message delivery chain;

[0089] Preferably, ...

Embodiment 2

[0101] In order to prevent the data on the message transmission chain of the first embodiment from being intercepted by the hacker hook program, the second embodiment provides another method for improving the security of user information input, which is to set a keyboard hook program on the basis of the first embodiment. The keyboard hook program and the hacker hook program compete to intercept the information on the message delivery chain, and the keyboard hook program sends the intercepted information to the input control for processing. The method of this embodiment is as follows: image 3 shown, including:

[0102] S201: The input control hooks the keyboard hook program into the application program;

[0103] In this embodiment, the input control hangs the keyboard hook program into the application program by calling the HHOOK SetWindowsHookEx function of the API (Chinese name: application program interface); the keyboard hook program, the hacker hook program and other hook...

Embodiment 3

[0114] Embodiment 3 of the present invention provides another method for improving the security of user information input. In this method, multiple keyboard hook programs are set. The hook program intercepts the information from the message delivery chain and does not send it to the input control but processes it by itself, such as Figure 4 As shown, the method provided in this embodiment includes:

[0115] S301: The input control hooks multiple keyboard hook programs into the application program;

[0116]In this embodiment, the input control hooks the keyboard hook program into the application program by calling the HHOOK SetWindowsHookEx function of the API;

[0117] S302: the input control receives the input cursor trigger, starts the keyboard hook program and the timer starts to work;

[0118] Specifically, in this embodiment, the timer triggers the input control every 10 milliseconds to unload all keyboard hook programs and re-hook them into the application program, so...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and device for enhancing user information input security. The method comprises steps as follows: a timer triggers an input widget to generate interference information at definite time, and the input widget transmits the interference information to a message transfer chain; and when receiving the information on the message transfer chain, the input widget judges whether the received information contains interference information according to an interference time list or preset identifier value, if so, discards the received information, and else, saves the received information and transmits false information to the widget interface. After the generated interference information is interpolated into the message transfer chain, even if a hacker hook intercepts information on the transfer chain, the information is mixed information and can not endanger the user privacy, thereby enhancing the user information input security.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method and device for improving the security of user information input. Background technique [0002] With the development of network technology, e-commerce is developing at an astonishing speed. At the same time, the security of the network is being challenged day by day due to the attacks of hackers, the proliferation of viruses and Trojan horse programs. Email bombs, glacier Trojan horses, code red, shock wave virus, worm virus, Sasser, etc., virus samples are constantly changing and refurbished, and their performance characteristics are also strange. Traffic increases network bandwidth, congests the network and paralyzes it, or steals other people's privacy. In particular, the currently popular internet thief Miracle variant, and Trojan horse programs such as KeyLogger, use the means of recording keystroke information to steal bank passwords and illegally obtain other p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/04G06F21/24G06F21/82
Inventor 陆舟于华章
Owner FEITIAN TECHNOLOGIES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap