CN109376555A - A method of evidence obtaining is monitored for Brute Force laptop password - Google Patents

A method of evidence obtaining is monitored for Brute Force laptop password Download PDF

Info

Publication number
CN109376555A
CN109376555A CN201811452650.4A CN201811452650A CN109376555A CN 109376555 A CN109376555 A CN 109376555A CN 201811452650 A CN201811452650 A CN 201811452650A CN 109376555 A CN109376555 A CN 109376555A
Authority
CN
China
Prior art keywords
laptop
monitoring client
brute force
password
evidence obtaining
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811452650.4A
Other languages
Chinese (zh)
Inventor
陈海洋
叶兴
张文宇
郑斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Zhidaochuangyu Information Technology Co Ltd
Original Assignee
Chengdu Zhidaochuangyu Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Zhidaochuangyu Information Technology Co Ltd filed Critical Chengdu Zhidaochuangyu Information Technology Co Ltd
Priority to CN201811452650.4A priority Critical patent/CN109376555A/en
Publication of CN109376555A publication Critical patent/CN109376555A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of method for being monitored evidence obtaining for Brute Force laptop password, method particularly includes: pass through school and examine the password error event of operating system and starts the included camera and sound pick-up outfit of laptop;It is taken pictures using camera and evidence is recorded and uploaded with sound pick-up outfit to network server;Real-time informing is to the laptop owner, downloading and perpetuation of testimony;The present invention can timely understand the safe condition of notebook personal computer, especially after personal notebook sight away from keyboard, greatly reduce security risk;Video/audio image when available Brute Force simultaneously, is effectively reduced the evidence obtaining difficulty of security incident.

Description

A method of evidence obtaining is monitored for Brute Force laptop password
Technical field
The invention belongs to laptop security monitoring fields, and in particular to one kind is close for Brute Force laptop The method that code is monitored evidence obtaining.
Background technique
Currently, notebook personal computer is using widely, the safety problem of notebook is also increasingly important.Existing technology The behavior for stealing PC is monitored to realize by using the external monitoring device of usb expansion (such as camera etc.). But external device needs to put into hardware cost;External device is easily by malicious sabotage;Existing scheme is not to cracking computer system Behavior is monitored, and only has extremely limited monitoring to stealing behavior, and the data security in computer system is to have more Value.Term definition:
HOOK: computerese refers to one kind of interception or message or event in filtering computer operating system Mechanism.
Summary of the invention
To solve drawbacks described above, the present invention provides one kind to be monitored evidence obtaining for Brute Force laptop password Method, the realization of this method needs monitoring client, network server and the support of receiving end, specifically includes the following steps:
1, the cryptographic check event of monitoring client HOOK operating system;
2, monitoring client waits the password event of operating system;
3, when having the generation of cryptographic check event, monitoring client checks cryptographic check as a result, if cryptographic check success, executes step Rapid 2, it is no to then follow the steps 4;
4, judge the number of Password Input mistake, if number is more than the specified value N of configuration, thens follow the steps 5, otherwise return Step 2;
5, starting laptop included camera and sound pick-up outfit;
6, camera carries out once photo taking every 1s, and total duration of taking pictures is the specified T of configuration, and the result that will take pictures is raw At picture, the specified network server of configuration is then uploaded to;Sound pick-up outfit starts to record while taking pictures, and will be in recording Hold and generate audio file, is then uploaded to the specified network server of configuration;
7, configured receiving end in advance is sent notification to, content of announcement includes the server path uploaded;
8, file is downloaded after the notice for receiving monitoring client transmission in receiving end, extracts evidence.
Wherein, network server waits the upload request of monitoring client, and when upload request arrives, network server is by upload Content is saved under the specified catalogue of request.
Wherein, receiving end refers to personal mobile device, and content of announcement is extracted after the notice for receiving monitoring client transmission in receiving end In data storage path, extract network server on monitoring client upload picture and audio file as evidence.
Preferably, specified secondary numerical value of N >=3 are configured in step 4.
Preferably, specified T >=5s is configured in step 6.
Further, the mode of notice includes but is not limited to mail, short message and wechat.
The invention has the benefit that
The present invention can timely understand the safe condition of notebook personal computer, especially away from keyboard in personal notebook After sight, security risk is greatly reduced;Video/audio image when available Brute Force simultaneously, is effectively reduced taking for security incident Demonstrate,prove difficulty.
Detailed description of the invention
Fig. 1 is flow chart of the invention
Specific embodiment
Implementation method with reference to the accompanying drawing is described in further details the present invention.
Process of the invention as shown in Figure 1, specific to this method realization need monitoring client (i.e. laptop, and The position of step 1-7 operation), the branch of network server (operating in internet) and receiving end (referring generally to personal mobile device) It holds, implementation process is as follows:
1, the cryptographic check event of monitoring client HOOK operating system;
2, monitoring client waits the password event of operating system;
3, when having the generation of cryptographic check event, monitoring client checks cryptographic check as a result, if cryptographic check success, executes step Rapid 2, it is no to then follow the steps 4;
4, judge the number of Password Input mistake, if number is more than N (N >=3) secondary, then follow the steps 5, otherwise return step 2;
5, starting laptop included camera and sound pick-up outfit;
6, camera carries out once photo taking every 1s, and total duration of taking pictures is 10s, and the result that will take pictures generates picture, Then the specified network server of configuration is uploaded to;Sound pick-up outfit starts to record while taking pictures, and the content of recording is generated Then audio file is uploaded to the specified network server of configuration;
Network server waits the upload request of monitoring client, and when upload request arrives, network server is by the content of upload It is saved under the specified catalogue of request.
7, (a variety of meanss of communication, such as short message, the instant messages such as wechat tool also can be used) by way of mail Configured receiving end in advance is sent notification to, content of announcement includes the server path uploaded;
8, after the notice for receiving monitoring client transmission, Pop-up message is reminded, and initiates vibrations notice for receiving end.
The data storage path in content of announcement is extracted, monitoring client uploads on network server picture and audio text are extracted Part is as evidence.Evidence can submit to the police or other purposes.

Claims (6)

1. a kind of method for being monitored evidence obtaining for Brute Force laptop password, which is characterized in that the reality of this method Monitoring client, network server and the support of receiving end are now needed, the monitoring client refers to laptop, and the method is specifically wrapped Include following steps:
(1) the cryptographic check event of monitoring client HOOK operating system;
(2) monitoring client waits the password event of operating system;
(3) when having the generation of cryptographic check event, monitoring client checks cryptographic check as a result, if cryptographic check success, thens follow the steps (2), no to then follow the steps (4);
(4) judge the number of Password Input mistake, if number is more than the specified value N of configuration, thens follow the steps (5), otherwise return Step (2);
(5) starting laptop included camera and sound pick-up outfit;
(6) camera carries out once photo taking every 1s, and total duration of taking pictures is the specified T of configuration, and the result generation that will take pictures Then picture uploads to the specified network server of configuration;Sound pick-up outfit starts to record while taking pictures, and by the content of recording Audio file is generated, the specified network server of configuration is then uploaded to;
(7) configured receiving end in advance is sent notification to, content of announcement includes the server path uploaded;
(8) file is downloaded after the notice for receiving monitoring client transmission in receiving end, extracts evidence.
2. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 1, It is characterized in that, the network server waits the upload request of monitoring client, and when upload request arrives, network server will be uploaded Content be saved under the specified catalogue of request.
3. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 2, It is characterized in that, the receiving end refers to personal mobile device, and content of announcement is extracted after the notice for receiving monitoring client transmission in receiving end In data storage path, extract network server on monitoring client upload picture and audio file as evidence.
4. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 1, It is characterized in that, specified value N >=3 of configuration in the step (4).
5. a kind of method for being monitored evidence obtaining for Brute Force laptop password according to claim 1, It is characterized in that, the specified T >=10s of configuration in the step (6).
6. -5 any a kind of side for being monitored evidence obtaining for Brute Force laptop password according to claim 1 Method, which is characterized in that the mode of the notice includes but is not limited to mail, short message and wechat.
CN201811452650.4A 2018-11-30 2018-11-30 A method of evidence obtaining is monitored for Brute Force laptop password Pending CN109376555A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811452650.4A CN109376555A (en) 2018-11-30 2018-11-30 A method of evidence obtaining is monitored for Brute Force laptop password

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811452650.4A CN109376555A (en) 2018-11-30 2018-11-30 A method of evidence obtaining is monitored for Brute Force laptop password

Publications (1)

Publication Number Publication Date
CN109376555A true CN109376555A (en) 2019-02-22

Family

ID=65376348

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811452650.4A Pending CN109376555A (en) 2018-11-30 2018-11-30 A method of evidence obtaining is monitored for Brute Force laptop password

Country Status (1)

Country Link
CN (1) CN109376555A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103036852A (en) * 2011-09-29 2013-04-10 北大方正集团有限公司 Method and device for achieving network login
CN103401883A (en) * 2013-08-16 2013-11-20 深信服网络科技(深圳)有限公司 Single sign-on method and system
CN104010088A (en) * 2014-06-16 2014-08-27 中国地质大学(武汉) Smart-phone anti-theft method and system
US20150199542A1 (en) * 2014-01-16 2015-07-16 Fu Tai Hua Industry (Shenzhen) Co., Ltd. Communication device and anti-loss method
CN204557496U (en) * 2015-05-13 2015-08-12 吉首大学 Computerized information burglary-resisting system
CN104869243A (en) * 2015-05-08 2015-08-26 上海斐讯数据通信技术有限公司 Mobile phone anti-theft tracking system and method
CN106201322A (en) * 2016-09-21 2016-12-07 北京珠穆朗玛移动通信有限公司 Unlocking screen false-touch prevention method and mobile terminal thereof
CN106453874A (en) * 2016-09-29 2017-02-22 李信 Mobile phone control method and system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103036852A (en) * 2011-09-29 2013-04-10 北大方正集团有限公司 Method and device for achieving network login
CN103401883A (en) * 2013-08-16 2013-11-20 深信服网络科技(深圳)有限公司 Single sign-on method and system
US20150199542A1 (en) * 2014-01-16 2015-07-16 Fu Tai Hua Industry (Shenzhen) Co., Ltd. Communication device and anti-loss method
CN104010088A (en) * 2014-06-16 2014-08-27 中国地质大学(武汉) Smart-phone anti-theft method and system
CN104869243A (en) * 2015-05-08 2015-08-26 上海斐讯数据通信技术有限公司 Mobile phone anti-theft tracking system and method
CN204557496U (en) * 2015-05-13 2015-08-12 吉首大学 Computerized information burglary-resisting system
CN106201322A (en) * 2016-09-21 2016-12-07 北京珠穆朗玛移动通信有限公司 Unlocking screen false-touch prevention method and mobile terminal thereof
CN106453874A (en) * 2016-09-29 2017-02-22 李信 Mobile phone control method and system

Similar Documents

Publication Publication Date Title
US9094543B2 (en) Real time transmission of photographic images from portable handheld devices
US8224178B2 (en) Real time transmission of photographic images from portable handheld devices
CN110879903A (en) Evidence storage method, evidence verification method, evidence storage device, evidence verification device, evidence storage equipment and evidence verification medium
CN106878265B (en) Data processing method and device
US20150341795A1 (en) Instant messaging message processing method and device and storage medium
US20070198632A1 (en) Transferring multimedia from a connected capture device
WO2014190426A1 (en) Policy enforcement using natural language processing
Tso et al. iPhone social networking for evidence investigations using iTunes forensics
US20100114750A1 (en) Communication device and method for securing an internet bank account
US10623450B2 (en) Access to data on a remote device
Salamh et al. What’s on the horizon? An in-depth forensic analysis of android and iOS applications
EP3866032A1 (en) Computer system and device for controlling use of secure media recordings
EP3497875B1 (en) A method of generating a secure record of a conversation
US10430612B2 (en) Electronic preemptive evidentiary escrow platform
Rottermanner et al. Privacy and data protection in smartphone messengers
CN107911359B (en) Method for acquiring electronic data
Heath et al. Forensic analysis of ephemeral messaging applications: Disappearing messages or evidential data?
US9244918B2 (en) Locating electronic documents
US10972746B2 (en) Method of combining image files and other files
CN109376555A (en) A method of evidence obtaining is monitored for Brute Force laptop password
Judge Mobile forensics: Analysis of the messaging application signal
CN108075932B (en) Data monitoring method and device
US9633228B1 (en) Verifiable media system and method
WO2021058936A2 (en) Imagery acquisition method and apparatus
Alhassan et al. Forensic Acquisition of Data from a Crypt 12 Encrypted Database of Whatsapps

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190222