CN109376555A - A method of evidence obtaining is monitored for Brute Force laptop password - Google Patents
A method of evidence obtaining is monitored for Brute Force laptop password Download PDFInfo
- Publication number
- CN109376555A CN109376555A CN201811452650.4A CN201811452650A CN109376555A CN 109376555 A CN109376555 A CN 109376555A CN 201811452650 A CN201811452650 A CN 201811452650A CN 109376555 A CN109376555 A CN 109376555A
- Authority
- CN
- China
- Prior art keywords
- laptop
- monitoring client
- brute force
- password
- evidence obtaining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of method for being monitored evidence obtaining for Brute Force laptop password, method particularly includes: pass through school and examine the password error event of operating system and starts the included camera and sound pick-up outfit of laptop;It is taken pictures using camera and evidence is recorded and uploaded with sound pick-up outfit to network server;Real-time informing is to the laptop owner, downloading and perpetuation of testimony;The present invention can timely understand the safe condition of notebook personal computer, especially after personal notebook sight away from keyboard, greatly reduce security risk;Video/audio image when available Brute Force simultaneously, is effectively reduced the evidence obtaining difficulty of security incident.
Description
Technical field
The invention belongs to laptop security monitoring fields, and in particular to one kind is close for Brute Force laptop
The method that code is monitored evidence obtaining.
Background technique
Currently, notebook personal computer is using widely, the safety problem of notebook is also increasingly important.Existing technology
The behavior for stealing PC is monitored to realize by using the external monitoring device of usb expansion (such as camera etc.).
But external device needs to put into hardware cost;External device is easily by malicious sabotage;Existing scheme is not to cracking computer system
Behavior is monitored, and only has extremely limited monitoring to stealing behavior, and the data security in computer system is to have more
Value.Term definition:
HOOK: computerese refers to one kind of interception or message or event in filtering computer operating system
Mechanism.
Summary of the invention
To solve drawbacks described above, the present invention provides one kind to be monitored evidence obtaining for Brute Force laptop password
Method, the realization of this method needs monitoring client, network server and the support of receiving end, specifically includes the following steps:
1, the cryptographic check event of monitoring client HOOK operating system;
2, monitoring client waits the password event of operating system;
3, when having the generation of cryptographic check event, monitoring client checks cryptographic check as a result, if cryptographic check success, executes step
Rapid 2, it is no to then follow the steps 4;
4, judge the number of Password Input mistake, if number is more than the specified value N of configuration, thens follow the steps 5, otherwise return
Step 2;
5, starting laptop included camera and sound pick-up outfit;
6, camera carries out once photo taking every 1s, and total duration of taking pictures is the specified T of configuration, and the result that will take pictures is raw
At picture, the specified network server of configuration is then uploaded to;Sound pick-up outfit starts to record while taking pictures, and will be in recording
Hold and generate audio file, is then uploaded to the specified network server of configuration;
7, configured receiving end in advance is sent notification to, content of announcement includes the server path uploaded;
8, file is downloaded after the notice for receiving monitoring client transmission in receiving end, extracts evidence.
Wherein, network server waits the upload request of monitoring client, and when upload request arrives, network server is by upload
Content is saved under the specified catalogue of request.
Wherein, receiving end refers to personal mobile device, and content of announcement is extracted after the notice for receiving monitoring client transmission in receiving end
In data storage path, extract network server on monitoring client upload picture and audio file as evidence.
Preferably, specified secondary numerical value of N >=3 are configured in step 4.
Preferably, specified T >=5s is configured in step 6.
Further, the mode of notice includes but is not limited to mail, short message and wechat.
The invention has the benefit that
The present invention can timely understand the safe condition of notebook personal computer, especially away from keyboard in personal notebook
After sight, security risk is greatly reduced;Video/audio image when available Brute Force simultaneously, is effectively reduced taking for security incident
Demonstrate,prove difficulty.
Detailed description of the invention
Fig. 1 is flow chart of the invention
Specific embodiment
Implementation method with reference to the accompanying drawing is described in further details the present invention.
Process of the invention as shown in Figure 1, specific to this method realization need monitoring client (i.e. laptop, and
The position of step 1-7 operation), the branch of network server (operating in internet) and receiving end (referring generally to personal mobile device)
It holds, implementation process is as follows:
1, the cryptographic check event of monitoring client HOOK operating system;
2, monitoring client waits the password event of operating system;
3, when having the generation of cryptographic check event, monitoring client checks cryptographic check as a result, if cryptographic check success, executes step
Rapid 2, it is no to then follow the steps 4;
4, judge the number of Password Input mistake, if number is more than N (N >=3) secondary, then follow the steps 5, otherwise return step
2;
5, starting laptop included camera and sound pick-up outfit;
6, camera carries out once photo taking every 1s, and total duration of taking pictures is 10s, and the result that will take pictures generates picture,
Then the specified network server of configuration is uploaded to;Sound pick-up outfit starts to record while taking pictures, and the content of recording is generated
Then audio file is uploaded to the specified network server of configuration;
Network server waits the upload request of monitoring client, and when upload request arrives, network server is by the content of upload
It is saved under the specified catalogue of request.
7, (a variety of meanss of communication, such as short message, the instant messages such as wechat tool also can be used) by way of mail
Configured receiving end in advance is sent notification to, content of announcement includes the server path uploaded;
8, after the notice for receiving monitoring client transmission, Pop-up message is reminded, and initiates vibrations notice for receiving end.
The data storage path in content of announcement is extracted, monitoring client uploads on network server picture and audio text are extracted
Part is as evidence.Evidence can submit to the police or other purposes.
Claims (6)
1. a kind of method for being monitored evidence obtaining for Brute Force laptop password, which is characterized in that the reality of this method
Monitoring client, network server and the support of receiving end are now needed, the monitoring client refers to laptop, and the method is specifically wrapped
Include following steps:
(1) the cryptographic check event of monitoring client HOOK operating system;
(2) monitoring client waits the password event of operating system;
(3) when having the generation of cryptographic check event, monitoring client checks cryptographic check as a result, if cryptographic check success, thens follow the steps
(2), no to then follow the steps (4);
(4) judge the number of Password Input mistake, if number is more than the specified value N of configuration, thens follow the steps (5), otherwise return
Step (2);
(5) starting laptop included camera and sound pick-up outfit;
(6) camera carries out once photo taking every 1s, and total duration of taking pictures is the specified T of configuration, and the result generation that will take pictures
Then picture uploads to the specified network server of configuration;Sound pick-up outfit starts to record while taking pictures, and by the content of recording
Audio file is generated, the specified network server of configuration is then uploaded to;
(7) configured receiving end in advance is sent notification to, content of announcement includes the server path uploaded;
(8) file is downloaded after the notice for receiving monitoring client transmission in receiving end, extracts evidence.
2. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 1,
It is characterized in that, the network server waits the upload request of monitoring client, and when upload request arrives, network server will be uploaded
Content be saved under the specified catalogue of request.
3. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 2,
It is characterized in that, the receiving end refers to personal mobile device, and content of announcement is extracted after the notice for receiving monitoring client transmission in receiving end
In data storage path, extract network server on monitoring client upload picture and audio file as evidence.
4. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 1,
It is characterized in that, specified value N >=3 of configuration in the step (4).
5. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 1,
It is characterized in that, the specified T >=10s of configuration in the step (6).
6. -5 any a kind of side for being monitored evidence obtaining for Brute Force laptop password according to claim 1
Method, which is characterized in that the mode of the notice includes but is not limited to mail, short message and wechat.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811452650.4A CN109376555A (en) | 2018-11-30 | 2018-11-30 | A method of evidence obtaining is monitored for Brute Force laptop password |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811452650.4A CN109376555A (en) | 2018-11-30 | 2018-11-30 | A method of evidence obtaining is monitored for Brute Force laptop password |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109376555A true CN109376555A (en) | 2019-02-22 |
Family
ID=65376348
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811452650.4A Pending CN109376555A (en) | 2018-11-30 | 2018-11-30 | A method of evidence obtaining is monitored for Brute Force laptop password |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109376555A (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103036852A (en) * | 2011-09-29 | 2013-04-10 | 北大方正集团有限公司 | Method and device for achieving network login |
CN103401883A (en) * | 2013-08-16 | 2013-11-20 | 深信服网络科技(深圳)有限公司 | Single sign-on method and system |
CN104010088A (en) * | 2014-06-16 | 2014-08-27 | 中国地质大学(武汉) | Smart-phone anti-theft method and system |
US20150199542A1 (en) * | 2014-01-16 | 2015-07-16 | Fu Tai Hua Industry (Shenzhen) Co., Ltd. | Communication device and anti-loss method |
CN204557496U (en) * | 2015-05-13 | 2015-08-12 | 吉首大学 | Computerized information burglary-resisting system |
CN104869243A (en) * | 2015-05-08 | 2015-08-26 | 上海斐讯数据通信技术有限公司 | Mobile phone anti-theft tracking system and method |
CN106201322A (en) * | 2016-09-21 | 2016-12-07 | 北京珠穆朗玛移动通信有限公司 | Unlocking screen false-touch prevention method and mobile terminal thereof |
CN106453874A (en) * | 2016-09-29 | 2017-02-22 | 李信 | Mobile phone control method and system |
-
2018
- 2018-11-30 CN CN201811452650.4A patent/CN109376555A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103036852A (en) * | 2011-09-29 | 2013-04-10 | 北大方正集团有限公司 | Method and device for achieving network login |
CN103401883A (en) * | 2013-08-16 | 2013-11-20 | 深信服网络科技(深圳)有限公司 | Single sign-on method and system |
US20150199542A1 (en) * | 2014-01-16 | 2015-07-16 | Fu Tai Hua Industry (Shenzhen) Co., Ltd. | Communication device and anti-loss method |
CN104010088A (en) * | 2014-06-16 | 2014-08-27 | 中国地质大学(武汉) | Smart-phone anti-theft method and system |
CN104869243A (en) * | 2015-05-08 | 2015-08-26 | 上海斐讯数据通信技术有限公司 | Mobile phone anti-theft tracking system and method |
CN204557496U (en) * | 2015-05-13 | 2015-08-12 | 吉首大学 | Computerized information burglary-resisting system |
CN106201322A (en) * | 2016-09-21 | 2016-12-07 | 北京珠穆朗玛移动通信有限公司 | Unlocking screen false-touch prevention method and mobile terminal thereof |
CN106453874A (en) * | 2016-09-29 | 2017-02-22 | 李信 | Mobile phone control method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9094543B2 (en) | Real time transmission of photographic images from portable handheld devices | |
US8224178B2 (en) | Real time transmission of photographic images from portable handheld devices | |
CN110879903A (en) | Evidence storage method, evidence verification method, evidence storage device, evidence verification device, evidence storage equipment and evidence verification medium | |
CN106878265B (en) | Data processing method and device | |
US20150341795A1 (en) | Instant messaging message processing method and device and storage medium | |
US20070198632A1 (en) | Transferring multimedia from a connected capture device | |
WO2014190426A1 (en) | Policy enforcement using natural language processing | |
Tso et al. | iPhone social networking for evidence investigations using iTunes forensics | |
US20100114750A1 (en) | Communication device and method for securing an internet bank account | |
US10623450B2 (en) | Access to data on a remote device | |
Salamh et al. | What’s on the horizon? An in-depth forensic analysis of android and iOS applications | |
EP3866032A1 (en) | Computer system and device for controlling use of secure media recordings | |
EP3497875B1 (en) | A method of generating a secure record of a conversation | |
US10430612B2 (en) | Electronic preemptive evidentiary escrow platform | |
Rottermanner et al. | Privacy and data protection in smartphone messengers | |
CN107911359B (en) | Method for acquiring electronic data | |
Heath et al. | Forensic analysis of ephemeral messaging applications: Disappearing messages or evidential data? | |
US9244918B2 (en) | Locating electronic documents | |
US10972746B2 (en) | Method of combining image files and other files | |
CN109376555A (en) | A method of evidence obtaining is monitored for Brute Force laptop password | |
Judge | Mobile forensics: Analysis of the messaging application signal | |
CN108075932B (en) | Data monitoring method and device | |
US9633228B1 (en) | Verifiable media system and method | |
WO2021058936A2 (en) | Imagery acquisition method and apparatus | |
Alhassan et al. | Forensic Acquisition of Data from a Crypt 12 Encrypted Database of Whatsapps |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190222 |