Desktop screen auditing method based on user behaviors

A user-behavior technology, applied in screen-related areas, can solve problems such as the inability to quickly find video recordings, network bandwidth, and storage load, and achieve the effects of improving audit efficiency and saving storage and network bandwidth resources

Inactive Publication Date: 2015-06-10
FUZHOU UNIVERSITY
4 Cites 15 Cited by

AI-Extracted Technical Summary

Problems solved by technology

Most of the current screen auditing technologies use quasi-real-time interception of computer desktop screens, and then compress the pictures and send them to the monitoring end. The da...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Abstract

The invention relates to the technical field of screens and in particular relates to a desktop screen auditing method based on user behaviors. The desktop screen auditing method based on the user behaviors comprises the steps of 1, installing a hook for capturing the operating behaviors of a user after an auditing client is started up, and reporting data to an auditing server, 2, enabling the auditing client to read the configuration, 3, when the user works normally, triggering screen capturing after the hook captures the effective operation of the user, and performing image compression, next, recording whether mouse clicking or keyboard inputting is performed at present by a screenshot module, and meanwhile, recording the information, 4, uploading the image and the recorded information in the step 3 by the auditing client, and 5, activating an auditing server to receive the data uploaded by the auditing client and save the image and the image information into a database, and ending the steps. The desktop screen auditing method based on the user behaviors is capable of realizing screen capturing on demand, effectively classifying the screenshot data and improving the retrieval efficiency of an administrator.

Application Domain

Technology Topic

Image

  • Desktop screen auditing method based on user behaviors

Examples

  • Experimental program(1)

Example Embodiment

[0022] In order to make the above-mentioned objects, features and advantages of the present invention more obvious and easy to understand, the specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
[0023] In the following description, specific details are set forth in order to fully understand the present invention. However, the present invention can be implemented in many other ways different from those described herein, and those skilled in the art can make similar generalizations without departing from the connotation of the present invention. Therefore, the present invention is not limited by the specific embodiments disclosed below.
[0024] This embodiment provides a desktop screen audit method based on user behavior. The method mainly relies on two parts to achieve: A) Audit client. The audit client is installed on the user desktop system to monitor user behavior and collect data. Report to the audit server. B) The audit server is used for the administrator to define audit strategies and to screen and view user behavior data.
[0025] See Figure 1. The method includes the following steps:
[0026] User screen audit:
[0027] Step 1. After the audit client is started, a mouse hook, keyboard hook, and message hook will be installed to capture user actions.
[0028] Step 2. Audit client read configuration (the shortest interval for mouse-triggered screenshots, the shortest interval for keyboard-triggered screenshots, the rules for triggering screenshots of common keys and special keys and key combinations, and whether the screenshots are black and white or color);
[0029] Step 3. When the user works normally, the hook intercepts the user’s effective operation, triggers a screenshot, and performs image compression (if the strategy is black and white pictures, convert to black and white pictures to reduce storage space); the screenshot module records whether the current mouse click or keyboard Input, if it is a mouse click, record the position of the mouse click, so that the administrator can observe where the user clicked the mouse when viewing the video, and record the current user session ID, process name, window title and current time at the same time;
[0030] Step 4. The client uploads the picture of Step 3 and the recorded information (user session ID, window title, process name, picture resolution, mouse position information, and screenshot time);
[0031] Step 5. The server receives the data uploaded by the client and saves the picture and picture information (the message includes the time of the screenshot, the user who is currently generating the screenshot, the name of the window that generated the screenshot, the name of the process that generated the screenshot, the resolution of the image, and the mouse position Information) into the database; the step ends.
[0032] Administrator view data:
[0033] Step 1. When the administrator needs to view data, the server can filter out the corresponding screen data according to the user session, time, process name and window title;
[0034] Step 2. When the administrator needs to play the video, the server will restore the screen pictures and accompanying text information according to the filtering conditions in step 1, and play these pictures and data in order to achieve "video" playback. The administrator can easily view the user's operation behavior.
[0035] In an embodiment of the present invention, the screenshots include on-demand screenshots: A) Judging the user’s current operation, only taking screenshots of user operations that may cause audit risks, for example, the user does not take screenshots while typing, Take screenshots when opening applications, clicking buttons, switching windows, entering special keys (such as Ctrl+Alt+Delete key combination), etc., to effectively ensure the effectiveness of screenshots while reducing the frequency of screenshots; B) Current user operations The process is judged, and only screenshots of applications that will generate audit risks are taken. When users are using certain applications that do not generate audit risks, they will not be taken (for example, users can set not to take screenshots when they operate word) .
[0036] In an embodiment of the present invention, the screenshot also includes the acquisition of screenshot text information: when faced with massive amounts of data, since it cannot be easily retrieved, more additional information about the picture (currently User session ID, current operation process name, window title, screenshot time). It can be classified according to the accompanying information of the pictures, and can be audited separately by session, application, and the same window title. The administrator can directly audit suspicious risk operations, without having to watch the audit pictures from beginning to end according to time, which improves audit efficiency.
[0037] In an embodiment of the present invention, the server side can also restore playback: that is, when the server side restores the screen recording, it can play each complete screenshot in order according to classification, time, and finally, to realize the playback of "recording" data.
[0038] Although the present invention has been disclosed as above in preferred embodiments, it is not intended to limit the present invention. Any person skilled in the art can use the methods and technical content disclosed above to improve the present invention without departing from the spirit and scope of the present invention. The technical solution makes possible changes and modifications. Therefore, all simple modifications, equivalent changes and modifications made to the above embodiments according to the technical essence of the present invention without departing from the content of the technical solution of the present invention belong to the technical solution of the present invention. protected range. The foregoing descriptions are only preferred embodiments of the present invention, and all equivalent changes and modifications made in accordance with the scope of the patent application of the present invention should fall within the scope of the present invention.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Similar technology patents

Differentiated software process auditing method

PendingCN113793130AReduce manual audit costsImprove audit efficiencyOffice automationResourcesSoftwareSoftware engineering
Owner:SHANGHAI ZHONGTONGJI NETWORK TECH CO LTD

Travel bill information auditing method and device and readable medium

PendingCN111985903AImprove audit efficiencySpeed ​​up the reimbursement processDigital data authenticationOffice automationInvoiceData science
Owner:INSPUR TIANYUAN COMM INFORMATION SYST CO LTD

Classification and recommendation of technical efficacy words

  • Improve audit efficiency

Method and device for realizing database auditing

InactiveCN106202560AImprove audit efficiencySpecial data processing applicationsTraffic volumeDatabase access
Owner:HANGZHOU DPTECH TECH

Code auditing method and device based on version number comparison and medium

InactiveCN110109840AReduce workloadImprove audit efficiencyVersion controlSoftware testing/debuggingWorkloadCode audit
Owner:重庆八戒电子商务有限公司

Power grid marketing inspection risk management and control method based on risk calculation model

ActiveCN106709623AImprove audit efficiencyResourcesPower gridRisk index
Owner:SHENZHEN POWER SUPPLY BUREAU +1
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products