WO2015066389A1 - Method and security system for network-enabled i/o devices - Google Patents

Publication number
WO2015066389A1
Authority
WO
WIPO (PCT)
Prior art keywords
computing device
user
security system
access
passwords
Application number
PCT/US2014/063269
Other languages
French (fr)
Inventor
Arnold P. Jonas
Ron JONAS
Original Assignee
Jonas Arnold P
Application filed by Jonas Arnold P
Publication of WO2015066389A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/554: Detecting local intrusion or implementing counter-measures involving event detection and direct action

Definitions

  • Program files folder and/or any other necessary folder can be locked and protected by the computer security system.
  • a special folder can alternately be created using the computer security system that is encrypted which stores some or all of the user's most important
  • the computer security system can be used to protect any piece of hardware or digital device on the computer from being manipulated and/or exploited by a hacker.
  • the computer security system can accept a master key in case of emergency that the vendor of the computer security system can use to unlock some or all locked devices or software systems (e.g., webcam, microphone, protected folders, etc.) in case the computer owner gets into trouble.
  • the client's identity in such a case can be verified by asking security questions that the computer owner knows the answers to.
  • the vendor does not use the master key to open a client's locked device without going through this validation process with the computer owner together in an embodiment.
  • the computer security system can generate a new master password that will only work for that day, which the computer security system can provide to the vendor's systems (e.g., via communication with a server over a network).
  • the vendor system can push master passwords to computing devices that implement the computer security system. These can be computer-generated master keys.
  • acts or events can be performed concurrently, e.g., through multi-threaded processing, interrupt processing, or multiple processors or processor cores or on other parallel architectures, rather than sequentially.
  • different tasks or processes can be performed by different machines and/or computing systems that can function together.
  • a general purpose processor can be a microprocessor, but in the alternative, the processor can be a controller, microcontroller, or state machine, combinations of the same, or the like.
  • a processor can include electrical circuitry or digital logic circuitry configured to process computer-executable instructions.
  • a processor in another embodiment, includes an FPGA or other programmable device that performs logic operations without processing computer-executable instructions.
  • a processor can also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more
  • a computing environment can include any type of computer system, including, but not limited to, a computer system based on a microprocessor, a mainframe computer, a digital signal processor, a portable computing device, a device controller, or a computational engine within an appliance, to name a few.
  • a software module can reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of non-transitory computer-readable storage medium, media, or physical computer storage known in the art.
  • An example storage medium can be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium can be integral to the processor.
  • the storage medium can be volatile or nonvolatile.
  • the processor and the storage medium can reside in an ASIC.
  • Conditional language used herein such as, among others, “can,” “might,” “may,” “e.g.,” and the like, unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or states. Thus, such conditional language is not generally intended to imply that features, elements and/or states are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without author input or prompting, whether these features, elements and/or states are included or are to be performed in any particular embodiment.
  • the terms “comprising,” “including,” “having,” and the like are synonymous and are used inclusively, in an
  • each in addition to having its ordinary meaning, can mean any subset of a set of elements to which the term “each” is applied.

Abstract

A computer security system can reduce or prevent unauthorized access to a computing device. For example, the computer security system can prevent or discourage access to an input/output (I/O) device such as a microphone, camera, webcam, keyboard, touchscreen, hard drive, external disk drive (such as a Universal Serial Bus (USB) drive or key), combinations of the same, or the like. For instance, the computer security system can reduce or prevent eavesdropping by protecting one or more microphones of a computing device, reduce or prevent unauthorized video capture or image capture via webcam or digital camera, and/or reduce or prevent theft or changing of documents stored on a computing device. Further, the computer security system can prevent or discourage unauthorized access of folders, documents, and the like on the computing device.

Description

METHOD AND SECURITY SYSTEM FOR NETWORK-ENABLED I/O DEVICES
This application claims the benefit of priority of U.S. Provisional Application Serial No. 61898782 filed on November 1, 2013.
DESCRIPTION:
[0001] The invention relates to a method and a computer security system that can prevent or discourage unauthorized individuals (such as hackers) from gaining unauthorized access to a computing device that does not belong to them without the device owner's knowledge or against the device owner's will. Hackers use various methods and tactics to do this. For example, a hacker may access a webcam, microphone, or other input/output device associated with a computing device remotely over a network connection (e.g., over the Internet, a local or wide area network, or the like).
[0002] The hacker's purpose for penetrating into the victim's computer may be to obtain personal information or confidential or classified information (business or otherwise) using the device's webcam, the device's internal or external microphone, or by gaining access to the device's documents, programs, or folders which store important documents, programs, photos, videos, and the like. Further, a hacker may wish to compromise a computing device to log keystrokes or touchscreen presses of a user so as to obtain login credentials, account numbers, credit and debit card numbers, and the like. Moreover, hackers may hack into a webcam to inappropriately observe the actions of any individual in the vicinity of a webcam. A Consumer Security Risks Survey done by Kaspersky Lab in 2014 showed that 20% of PC users hide the computer's camera from fear of espionage and invasion of privacy. The study further found that many computer users in the world are worried that hackers have penetrated computerized cameras in their home or cell phone. Furthermore, 38% of users worry that someone may get access to their webcam, and 21% of respondents admitted that they covered it up because of this (interestingly, 23% of men do this). Moreover, 6% of respondents even cover the camera on their smartphone. Respondents from China and the Asia-Pacific region do this most frequently:
Younger respondents were more suspicious than the older generation.
[0003] This invention describes embodiments of a method and a computer security system that can reduce or prevent unauthorized access to a computing device, and in particular, access to an input/output (I/O) device such as a microphone, camera, webcam, keyboard, touchscreen, hard drive, external disk drive (such as a Universal Serial Bus (USB) drive or key), combinations of the same, or the like. For instance, the computer security system can reduce or prevent eavesdropping by protecting one or more microphones of a computing device, reduce or prevent unauthorized video capture or image capture via webcam or digital camera, and/or reduce or prevent theft or changing of documents stored on a computing device. Further, the computer security system can prevent or discourage unauthorized access of folders, documents, and the like on the computing device.
[0004] The method and computer security system according to the present invention can be used to secure or attempt to secure any type of computing device, which may be any device that includes a hardware processor or the like. Some examples of computing devices that may implement the computer security system include: cell phones, smart phones, personal digital assistants (PDAs), tablets, mini-tablets, laptops, desktops, televisions, digital video recorders (DVRs), set-top boxes, media servers, audio/visual (A/V) receivers, video game systems, high-definition disc players (such as Blu-ray(r) players), computer peripherals (such as standalone webcams, microphones, computer mice, keyboards, scanners, printers, copiers, and displays), universal serial bus (USB) keys, standalone digital cameras, loudspeakers, sound bars, appliances, vehicles, and digital picture frames, to name a few.
More particularly, the method of securing a computer system from remote intrusion according to the present invention comprises:
under control of a computer security system comprising computer hardware: detecting access of an input/output (I/O) device on a computing device, the I/O device comprising one of a camera and a microphone;
in response to detecting access of the I/O device, requiring a user to enter one or more passwords;
in response to receiving one or more incorrect password attempts, taking a corrective action; and
in response to receiving one or more correct passwords, allowing access to the I/O device to proceed.
Embodiments of the method according to the present invention can be found in the following description of examples and in the claims at the end of this specification.
I. Example Hacking Techniques Using Remote Desktop Technology
[0005] Hackers can use remote desktop technology such as a Remote Administration Tool (RAT) to access a victim's computing device. Such hackers are sometimes colloquially referred to as "ratters." Once access has been obtained, the hacker may be able to perform any of the following tasks, among others:
* Find out some or all system information, including hardware being used and the exact version of an operating system, including security patches
* Control some or all the processes currently running on the system
* View and modify the registry
* Modify the Hosts file
* Control the computer from a remote shell
* Modify the startup processes and services, including adding a few of its own
* Execute various types of scripts on the system
* Modify/View/Steal the files
* Put files of its own on the system
* Steal the stored password
* Listen to the microphone
* Log the keystrokes
* Scan the network
* View the network shares
* Mess with the MSN Messenger / Steal the contacts / Add new contacts
* Steal from the clipboard (copied content)
* Control a printer
* Lock/Restart/Shutdown the computer
* Update the implant with a new address to beacon to or new functionality
* Watch the webcam
* Use the computing device in a denial of service (DOS) attack
* Hiding the Desktop - Hiding all the icons and making it impossible to right click on the desktop.
* Hide the Clock
* Hide Task Icons - In the little box on the right side of the start bar
* Hide Sys Tray Icons - Hide icons and open application buttons on the taskbar
* Hide Taskbar
* Hide the Windows Start Button
* Disable the Windows Start Button - Gray out the start button, disabling it.
* Disable TaskMgr - Disables the Windows Task Manager
* Open/Close CD/DVD Tray
* Activate text-to-speech software on the remote system so that it reads strings of text out loud as a startle tactic.
* Open a chat window.
* Output any type of audio from a speaker coupled with a computing device
* Output any type of video or image on a display
* Play notes from a MIDI instrument or a specific frequency
* A File Hijacker can encrypt a victim's files and then pop up a "ransomware" message demanding payment into a remote bank account in order to free the files.
[0006] Further, in some embodiments, unauthorized users may use a computing device's microphone to surreptitiously record or listen to a conversation without permission, for example, for corporate espionage or other purposes.
[0007] Embodiments of the computer security system described herein can secure or attempt to secure a computing device against some or all of the above unauthorized activities.
II. Example Computer Security System
[0008] FIGURE 1 depicts an embodiment of a computing environment 100 in which a user computing device 110 is in communication with a network 112, which may be a local area network, a wide area network, the Internet, or the like. A hacker system 120 is also in communication with the network 112. The hacker system 120 may attempt to hack into or otherwise obtain unauthorized access to the computing device 110 over the network 112. For instance, the hacker system 120 may attempt to access the computing device 110 to perform any of the hacker actions described above, among others.
[0009] The computing device 110 may be any of the types of computing devices described above. The example computing device 110 shown includes many example components, some of which are optional or may be omitted in some systems. In the example embodiment shown, the computing device 110 includes one or more processors, memory, and I/O devices such as camera(s), microphone(s), a hard drive, an optical drive, a display, a keyboard, a mouse, and a touchpad, among possibly other devices. Applications on the computing device 110 can communicate with the I/O devices via an operating system and device drivers.
[0010] In addition, an example computer security system is shown. The computer security system can secure any of the I/O devices (among others) shown from unauthorized access by the hacker system 120. Example features of the computer security system are described in greater detail below.
III. Example Techniques For Securing Against Remote Desktop Access
[0011] The computer security system can optionally detect if a hacker was able to turn on a webcam, camera, or microphone. For instance, the computer security system can detect a camera/webcam (or microphone) ON state. Once detected, the computer security system can perform any of a variety of functions, including shutting down the camera/webcam/microphone so the hacker cannot continue to use it. Alternatively, or in addition to performing such an action, the computer security system can disconnect the computing device from the network (e.g., from the Internet), shut down the computing device, and/or provide a warning to the user of the computer via text or email or the like.
[0012] FIGURE 2 depicts an example flowchart representing functionality that may be performed by the computer security system. In an embodiment, as shown in FIGURE 2, the computer security application requires two steps for a user (e.g., the owner or authorized operator of the computing device 110) to be able to use the webcam and microphone among other I/O devices shown in FIGURE 1. Referring to "MAIN PASSWORD" in FIGURE 2:
Example Step 1
[0013] The user may be prompted for an initial password, and upon entering it correctly, the computer security system may move the user to step 2.
Example Step 2
[0014] The computer security system can send a one-time computer-generated password to the phone (e.g., via text) or email of the user of the computing device 110. The computer security system may prompt the user to enter this password. Communicating the password through an external message such as email or text can ensure or attempt to ensure that the password remains confidential, so that the hacker may not have access to it and may not be able to access the webcam and microphone. This is the step in which the authorized user, if it is completed successfully, can obtain access to and be able to use the webcam and microphone. However, in other embodiments, this second password may be omitted (or the first password may be omitted). Further, the steps may be performed in a different order.
[0015] For instance, in one embodiment, if the computer security system detects that any usage of the microphone and/or webcam (or other I/O device) is occurring, the computer security system can prompt the user of the computing device 110 to enter one or more passwords. Upon correct entry of the one or more passwords, the computer security system can enable the user to proceed with use of the microphone, webcam, or other I/O device. Conversely, if the user does not enter the correct password, the computer security system can assume that the computing device 110 has been accessed by a hacker and take action to stop or reduce the effects of the hacking activity. Examples of actions the computer security application can take are described below.
[0016] In an embodiment, there are multiple ways to stop hacking activity, should the password(s) be entered incorrectly. Below are two example options:
Example Option 1: Hacker's Entry Is Blocked by Disconnecting the Network
[0017] If one of the passwords is entered incorrectly a number of times, such as three times, the computer security system can send an email notifying the user of the computing device 110, then disconnect from the network 112. In addition, the computer security system may output a warning on a display of the device 110, for example, with a popup window, message box, flashing light (such as a red light), audio warning, combinations of the same, or the like. This warning may include an Internet Protocol (IP) address and location (e.g., country, city, state, etc.) where the hacker system 120 made the connection from. In an embodiment, the result may be that privacy and security of the user are maintained.
Example Option 2: Hacker's Entry Is Blocked by Shutting Down the Computing Device
[0018] If one of the passwords is entered incorrectly a number of times, such as three times, the computer security system can send an email and/or text message to notify the user and then shut the computer down. In an embodiment, the result may be that privacy and security of the user are maintained.
[0019] In any of these embodiments, the notification by email to the user is optional. Further, fewer or more than two passwords may be required to gain access to the I/O device in other embodiments.
Other example embodiments:
[0020] In other example embodiments, the computer security system does not request a user to input a password. Rather, the computer security system sends an email or text message (or even an automated phone call) to the user, alerting the user of the potential unauthorized access. The user can then send an email or text back, or respond to voice prompts in a phone call, to cause the computer security application to automatically take corrective action.
[0021] In other embodiments, the computer security system includes settings that a user can adjust to take any of the corrective actions described herein. These settings may, for instance, include options to automatically disconnect from the network/Internet or shut down within a certain period of time after detecting unauthorized activity.
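The two-step check of Example Steps 1 and 2 and the corrective action of Example Options 1 and 2 after three incorrect entries can be sketched in Python as follows. This is an added example, not code from the patent or its applicant; the class and function names, the six-digit code, the five-minute expiry and the PBKDF2 parameters are assumptions, and `send_otp` and `corrective_action` are caller-supplied callbacks standing in for the text/email channel and for disconnecting from the network or shutting down.

```python
import hashlib
import hmac
import secrets
import time
from enum import Enum

PBKDF2_ROUNDS = 200_000  # assumed work factor, not a value from the patent


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a verifier so the main password is never stored in clear."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class State(Enum):
    NEED_MAIN = "main password required"       # Example Step 1
    NEED_OTP = "one-time password required"    # Example Step 2
    ALLOWED = "I/O access allowed"
    BLOCKED = "corrective action taken"


class IoAccessGate:
    """Handles one detected I/O access (for example a webcam ON event)."""

    def __init__(self, salt, main_verifier, send_otp, corrective_action,
                 max_attempts=3, otp_ttl=300.0, clock=time.monotonic):
        self._salt = salt
        self._verifier = main_verifier
        self._send_otp = send_otp              # out-of-band channel (text/email)
        self._corrective_action = corrective_action
        self._max_attempts = max_attempts
        self._otp_ttl = otp_ttl
        self._clock = clock
        self._otp = None
        self._otp_expiry = 0.0
        self._failures = 0
        self.state = State.NEED_MAIN

    def submit(self, entry: str) -> State:
        """Feed one password entry into the flow and return the new state."""
        if self.state is State.NEED_MAIN:
            candidate = hash_password(entry, self._salt)
            ok = hmac.compare_digest(candidate, self._verifier)
            if ok:
                self._issue_otp()
        elif self.state is State.NEED_OTP:
            fresh = self._clock() < self._otp_expiry   # expired code is a failure
            ok = fresh and hmac.compare_digest(entry.encode(), self._otp.encode())
            if ok:
                self._otp = None                       # single use
                self.state = State.ALLOWED
        else:
            return self.state                          # terminal states
        if ok:
            self._failures = 0                         # each password gets its own count
        else:
            self._register_failure()
        return self.state

    def _issue_otp(self):
        self._otp = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, never time-seeded
        self._otp_expiry = self._clock() + self._otp_ttl
        self._send_otp(self._otp)
        self.state = State.NEED_OTP

    def _register_failure(self):
        self._failures += 1
        if self._failures >= self._max_attempts:
            self._otp = None
            self.state = State.BLOCKED
            self._corrective_action("too many incorrect password entries")


def run_constructed_session(entries):
    """Replay constructed entries; "<otp>" stands for the code that was delivered."""
    sent, actions = [], []
    salt = b"constructed-salt"
    gate = IoAccessGate(salt, hash_password("correct horse", salt),
                        sent.append, actions.append)
    for entry in entries:
        gate.submit(sent[-1] if entry == "<otp>" and sent else entry)
    return gate.state, actions


if __name__ == "__main__":
    print(run_constructed_session(["correct horse", "<otp>"]))
    print(run_constructed_session(["guess1", "guess2", "guess3"]))
```

Once the gate is blocked, later entries are ignored, so a correct password arriving after the third failure does not reopen the device.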
IV. Example User Interfaces
[0022] FIGURES 3 and 4 depict example user interfaces 300, 400 on a computing device, which is an example of the computing device 110 described above. The computing device includes a webcam 302 and a display. Referring specifically to FIGURE 3, on the display, a popup window 310 or message box is shown that indicates that potential unauthorized use of the webcam 302 has been detected. The popup window 310 may be output by the computer security system in response to detecting activation of the webcam 302. A similar warning may be output for any of the I/O devices (or folders/documents) described herein. A password field is also included in the popup 310 that requests a user to enter a password.
[0023] If the user successfully enters the password, a popup such as the popup window 410 or message box in FIGURE 4 may be displayed by the computer security system. The popup window 410 asks the user to confirm his or her identity by entering in a second password, which may be the second password described above. Upon successful entry of this second password, the computer security system can authorize access to the webcam 302. Otherwise, the computer security system can take any of the example corrective actions described herein (or any combination thereof).
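The two-step password check of FIGURES 3 and 4, combined with the three-attempt corrective actions of Example Options 1 and 2, is sketched below as an added Python example; it is not code from the application. The class and function names, the PBKDF2 hashing, the per-password failure counter, and the recorded event strings are assumptions, and the sample passwords and IP address are constructed.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

MAX_ATTEMPTS = 3  # "such as three times" in the description
ACTIONS = ("disconnect_network", "shutdown")  # Example Options 1 and 2


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: passwords are stored only as salted PBKDF2-HMAC-SHA256 hashes.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class IoAccessGate:
    """Hypothetical gate raised when webcam or microphone activation is detected."""
    salt: bytes
    step_hashes: list  # hashes of the first and second password, in order
    corrective_action: str = "disconnect_network"
    step: int = 0
    failures: int = 0
    state: str = "pending"  # pending -> authorized | blocked
    events: list = field(default_factory=list)

    def submit(self, password: str, source_ip: str = "unknown") -> str:
        if self.state != "pending":
            return self.state  # a decided gate never reopens
        candidate = hash_password(password, self.salt)
        # Constant-time comparison avoids leaking how much of the hash matched.
        if hmac.compare_digest(candidate, self.step_hashes[self.step]):
            self.step += 1
            self.failures = 0  # assumption: attempts are counted per password
            if self.step == len(self.step_hashes):
                self.state = "authorized"
                self.events.append("allow_io_access")
            return self.state
        self.failures += 1
        if self.failures >= MAX_ATTEMPTS:
            self.state = "blocked"
            # Notify first: after a disconnect or shutdown no message can leave.
            self.events.append(f"notify_user ip={source_ip}")
            self.events.append(self.corrective_action)
        return self.state


def make_gate(first: str, second: str, action: str = "disconnect_network") -> IoAccessGate:
    if action not in ACTIONS:
        raise ValueError(f"unknown corrective action: {action}")
    salt = os.urandom(16)
    hashes = [hash_password(first, salt), hash_password(second, salt)]
    return IoAccessGate(salt, hashes, action)


if __name__ == "__main__":
    gate = make_gate("constructed-main", "constructed-final", "shutdown")
    for guess in ("a", "b", "c"):  # constructed wrong guesses
        print(gate.submit(guess, "203.0.113.7"))
    print(gate.events)
```

The event list records the notification before the corrective action, matching the order in paragraphs [0017] and [0018], where the email is sent and only then is the device disconnected or shut down.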
V. Additional Embodiments
[0024] Embodiments of the computer security system described herein can perform some or all of the following additional features:
1. Hacker cannot uninstall the computer security system without a MAIN PASSWORD (Step #1) and a FINAL PASSWORD (Step #2).
2. Access to Registry can also be protected by the computer security system.
3. Running Process(es) can also be protected by the computer security system so running process(es) cannot be killed by a hacker.
4. If the computer security system runs as a service, the service cannot be disabled.
5. If the computer security system starts automatically when the computer starts, the computer security system cannot be disabled from startup items.
6. Program files folder and/or any other necessary folder can be locked and protected by the computer security system.
7. A special encrypted folder can alternately be created using the computer security system to store some or all of the user's most important documents.
8. The computer security system can be used to protect any piece of hardware or digital device on the computer from being manipulated and/or exploited by a hacker.
9. The computer security system can accept a master key in case of emergency that the vendor of the computer security system can use to unlock some or all locked devices or software systems (e.g., webcam, microphone, protected folders, etc.) in case the computer owner gets into trouble. The client's identity in such a case can be verified by asking security questions that the computer owner knows the answers to. In an embodiment, the vendor does not use the master key to open a client's locked device without going through this validation process together with the computer owner. In one embodiment, the computer security system can generate a new master password that will only work for that day, which the computer security system can provide to the vendor's systems (e.g., via communication with a server over a network). Conversely, the vendor system can push master passwords to computing devices that implement the computer security system. These can be computer-generated master keys.
VI. Terminology
[0025] Many other variations than those described herein will be apparent from this disclosure. For example, depending on the embodiment, certain acts, events, or functions of any of the algorithms described herein can be performed in a different sequence, can be added, merged, or left out altogether (e.g., not all described acts or events are necessary for the practice of the algorithms). Moreover, in certain embodiments, acts or events can be performed concurrently, e.g., through multi-threaded processing, interrupt processing, or multiple processors or processor cores or on other parallel architectures, rather than sequentially. In addition, different tasks or processes can be performed by different machines and/or computing systems that can function together.
[0026] It is to be understood that not necessarily all such advantages can be achieved in accordance with any particular embodiment of the embodiments disclosed herein. Thus, the embodiments disclosed herein can be embodied or carried out in a manner that achieves or optimizes one advantage or group of advantages as taught herein without necessarily achieving other advantages as may be taught or suggested herein.
[0027] The various illustrative logical blocks, modules, and algorithm steps described in connection with the embodiments disclosed herein can be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. The described functionality can be implemented in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosure.
[0028] The various illustrative logical blocks and modules described in connection with the embodiments disclosed herein can be implemented or performed by a machine, such as a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor can be a microprocessor, but in the alternative, the processor can be a controller, microcontroller, or state machine, combinations of the same, or the like. A processor can include electrical circuitry or digital logic circuitry configured to process computer-executable instructions. In another embodiment, a processor includes an FPGA or other programmable device that performs logic operations without processing computer-executable instructions. A processor can also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration. A computing environment can include any type of computer system, including, but not limited to, a computer system based on a microprocessor, a mainframe computer, a digital signal processor, a portable computing device, a device controller, or a computational engine within an appliance, to name a few.
[0029] The steps of a method, process, or algorithm described in connection with the embodiments disclosed herein can be embodied directly in hardware, in a software module stored in one or more memory devices and executed by one or more processors, or in a combination of the two. A software module can reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of non-transitory computer-readable storage medium, media, or physical computer storage known in the art. An example storage medium can be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium can be integral to the processor. The storage medium can be volatile or nonvolatile. The processor and the storage medium can reside in an ASIC.
[0030] Conditional language used herein, such as, among others, "can," "might," "may," "e.g.," and the like, unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or states. Thus, such conditional language is not generally intended to imply that features, elements and/or states are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without author input or prompting, whether these features, elements and/or states are included or are to be performed in any particular embodiment. The terms "comprising," "including," "having," and the like are synonymous and are used inclusively, in an open-ended fashion, and do not exclude additional elements, features, acts, operations, and so forth. Also, the term "or" is used in its inclusive sense (and not in its exclusive sense) so that when used, for example, to connect a list of elements, the term "or" means one, some, or all of the elements in the list. Further, the term "each," as used herein, in addition to having its ordinary meaning, can mean any subset of a set of elements to which the term "each" is applied.
[0031] While the above detailed description has shown, described, and pointed out novel features as applied to various embodiments, it will be understood that various omissions, substitutions, and changes in the form and details of the devices or algorithms illustrated can be made without departing from the scope of the invention. As will be recognized, certain embodiments of the inventions described herein can be embodied within a form that does not provide all of the features and benefits set forth herein, as some features can be used or practiced separately from others.

Claims

CLAIMS:
1. A method of securing a computer system from remote intrusion, the method comprising:
under control of a computer security system comprising computer hardware: detecting access of an input/output (I/O) device on a computing device, the I/O device comprising one of a camera and a microphone;
in response to detecting access of the I/O device, requiring a user to enter one or more passwords;
in response to receiving one or more incorrect password attempts, taking a corrective action; and
in response to receiving one or more correct passwords, allowing access to the I/O device to proceed.
2. The method of embodiment 1, wherein said requiring the user to enter one or more passwords comprises requiring the user to enter two passwords.
3. The method of embodiment 1 or 2, wherein said requiring the user to enter one or more passwords comprises requiring the user to enter two passwords.
4. The method of any of the preceding embodiments, further comprising sending an email message or a text message to the user, the email message or text message reporting the detected access of the I/O device.
5. The method of any of the preceding embodiments, wherein the message further comprises one of the passwords, enabling the user to enter the correct one of the passwords at the computing device.
6. The method of any of the preceding embodiments, wherein said taking the corrective action comprises disconnecting the computing device from a network.
7. The method of any of the preceding embodiments, wherein said taking the corrective action comprises shutting down the computing device.
8. The method of any of the preceding embodiments, further comprising:
detecting access to a document or folder on the computing device;
in response to detecting access to the document or folder, requiring a user to enter a selected password;
in response to receiving an incorrect password, preventing access to the document or folder; and
in response to receiving the selected password, allowing access to the document or folder.
9. A computer system configured to implement the method of any of embodiments 1 through 8.
10. Non-transitory physical computer storage comprising instructions stored thereon that, when executed by one or more processors, are configured to implement the method of any of claims 1 through 8.
PCT/US2014/063269 2013-11-01 2014-10-31 Method and security system for network-enabled i/o devices WO2015066389A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361898782P 2013-11-01 2013-11-01
US61/898,782 2013-11-01

Publications (1)

Publication Number Publication Date
WO2015066389A1 true WO2015066389A1 (en) 2015-05-07

Family

ID=53005149

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2014/063269 WO2015066389A1 (en) 2013-11-01 2014-10-31 Method and security system for network-enabled i/o devices

Country Status (1)

Country Link
WO (1) WO2015066389A1 (en)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14857374

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14857374

Country of ref document: EP

Kind code of ref document: A1