WO2016134730A1 - Method for analysing if display data generated by an application has been tampered with - Google Patents

Method for analysing if display data generated by an application has been tampered with Download PDF

Info

Publication number
WO2016134730A1
WO2016134730A1 PCT/EE2016/000001 EE2016000001W WO2016134730A1 WO 2016134730 A1 WO2016134730 A1 WO 2016134730A1 EE 2016000001 W EE2016000001 W EE 2016000001W WO 2016134730 A1 WO2016134730 A1 WO 2016134730A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
pixels
screen
data
displayed
Prior art date
Application number
PCT/EE2016/000001
Other languages
French (fr)
Inventor
Trond Lemberg
Original Assignee
Protectoria As
Patendibüroo Käosaar Oü
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Protectoria As, Patendibüroo Käosaar Oü filed Critical Protectoria As
Priority to EP16710672.3A priority Critical patent/EP3262502A1/en
Publication of WO2016134730A1 publication Critical patent/WO2016134730A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/14Digital output to display device ; Cooperation and interconnection of the display device with other functional units
    • G06F3/1415Digital output to display device ; Cooperation and interconnection of the display device with other functional units with means for detecting differences between the image stored in the host and the images displayed on the displays
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/14Digital output to display device ; Cooperation and interconnection of the display device with other functional units
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/0021Image watermarking
    • G06T1/0042Fragile watermarking, e.g. so as to detect tampering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/44008Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving operations for analysing video streams, e.g. detecting features or characteristics in the video stream
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8358Generation of protective data, e.g. certificates involving watermark
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2201/00General purpose image data processing
    • G06T2201/005Image watermarking
    • G06T2201/0051Embedding of the watermark in the spatial domain
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2201/00General purpose image data processing
    • G06T2201/005Image watermarking
    • G06T2201/0081Image watermarking whereby both original and watermarked images are required at decoder, e.g. destination-based, non-blind, non-oblivious
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09GARRANGEMENTS OR CIRCUITS FOR CONTROL OF INDICATING DEVICES USING STATIC MEANS TO PRESENT VARIABLE INFORMATION
    • G09G2358/00Arrangements for display data security

Definitions

  • the present invention regards a method for analyzing if data generated by an application has been tampered with before it is displayed to the user by securing that a dataset produced by an application and sent to the screen of an end users device actually is displayed and presented on screen.
  • Tampering is the deliberate altering or adulteration of information, and today there is no single solution that can be considered as tamper proof.
  • a problem regarding tampering with displayed data is that it is usually hard to detect and check if data has been tampered with or not.
  • the application generates the data to be display on the screen of a device.
  • the application generates randomized addresses for positioning pixels on the screen of the device in question.
  • the application analyses the addressing and inserts the pixels in the blue channel (RGB) into the data that is going to be displayed in order to make the pixels as invisible for humans as possible.
  • RGB blue channel
  • the application executes display operations and presents the data to the end user.
  • the application takes screen shot of what actually is displayed to the end user
  • the application analyses the screen shot in order to detect the inserted pixels and compares the number and position of the pixels with the pixels that the application generated and processed for display to the end user.
  • An example of a scenario is a hacker interfering with a bank transaction between a user and a bank.
  • the hacker intercepts the transaction and changes the amount to be paid and the account number it is to be paid to.
  • the bank sees the information the hacker has entered and thinks it is from the user. The user only sees the information originally entered and approves the falsified transaction of the money.
  • a screenshot is taken of what is actually displayed at the other side.

Abstract

A method for analyzing if data generated by an application has been tampered with, comprising an application and a device with a screen and a channel of communication, wherein said application generates data to be display on the screen of a device, pixels is inserted into the data that is going to be displayed, said application generates randomized addresses for positioning pixels on the screen of the device in question, the display operations are executed and the data presented to the end user, a screen shot of what is displayed is taken, and said screen shot is analyzed, and the number and position of the pixels compares with the pixels that the application generated and processed for display to the end user.

Description

METHOD FOR ANALYSING IF DISPLAY DATA GENERATED BY AN APPLICATION
HAS BEEN TAMPERED WITH
Technical field
The present invention regards a method for analyzing if data generated by an application has been tampered with before it is displayed to the user by securing that a dataset produced by an application and sent to the screen of an end users device actually is displayed and presented on screen.
Background of the invention
Tampering is the deliberate altering or adulteration of information, and today there is no single solution that can be considered as tamper proof.
Often several levels of security are needed to be addressed to reduce the risk of tampering. Usually the following considerations are taken in order to prevent tampering :
Identify who a potential tampering attacker might be and what level of knowledge they might they have.
Identify all feasible methods of unauthorized access into a system. In addition to the primary means of entry, also consider back door methods.
Control or limit access to systems of interest.
Improve the tamper resistance by making tampering more difficult, time-consuming, etc.
Add tamper-evident features to help indicate the existence of tampering.
Educate people to watch for evidence of tampering.
A problem regarding tampering with displayed data is that it is usually hard to detect and check if data has been tampered with or not.
Summary of the invention
It is therefore an object of the invention, as it is stated in the set of claims, to solve the problems stated above. This is done by the application by adding randomly positioning pixels into the screen of the device in question, the application executes display operations and presents the display data to the end user, the application takes screen shots of what actually is displayed and compares the number and position of the pixels with that generated by the application.
If the comparison results in matched pixels in number, color and position the application has verified that data processes for display actually was displayed to the end user without any changes. But, if the comparison results in non-matching the application can, depending on the unmatched number and /or color that the display operation has been tampered with.
SUBSTITUTE SHEETS (RULE 26) Detailed description
The application generates the data to be display on the screen of a device.
The application generates randomized addresses for positioning pixels on the screen of the device in question.
The application analyses the addressing and inserts the pixels in the blue channel (RGB) into the data that is going to be displayed in order to make the pixels as invisible for humans as possible.
The application executes display operations and presents the data to the end user.
The application takes screen shot of what actually is displayed to the end user
The application analyses the screen shot in order to detect the inserted pixels and compares the number and position of the pixels with the pixels that the application generated and processed for display to the end user.
If the comparison results in matched pixels in number, color and position the application has verified that data processes for display actually was displayed to the end user without any changes. But, if the comparison results in non-matching the application can, depending on the unmatched number and /or color that the display operation has been tampered with.
An example of a scenario is a hacker interfering with a bank transaction between a user and a bank. When a user tries to pay a bill using net banking, the hacker intercepts the transaction and changes the amount to be paid and the account number it is to be paid to. The bank sees the information the hacker has entered and thinks it is from the user. The user only sees the information originally entered and approves the falsified transaction of the money.
With the present invention, a screenshot is taken of what is actually displayed at the other side. By checking if a set of marker pixels inserted into the picture at the user side corresponds with a set of marker pixels in the screen shot of what is displayed at the banking side it is possible to detect if the information in the picture has been tampered with, and hence stop the transaction.
SUBSTITUTE SHEETS (RULE 26)

Claims

Claims
1. A method for analyzing if display data generated by an application has been tampered with, comprising an application and a device with a screen and a channel of communication, c h a r a c t e r i z e d i n t h a t :
• said application generates data to be displayed on the screen of a device,
• said application generates randomized addresses for positioning pixels on the screen of the device in question,
• pixels is according to the pixel addressing information inserted into the data that is going to be displayed,
• the display operations are executed and the data presented to the end user,
• a screen shot of what is displayed is taken, and
• said screen shot is analyzed by the application, and the number and position of the pixels are compared with the pixels that the application generated and processed for display to the end user.
2. A method according to claim 1, wherein the inserted pixels is in the blue channel in the RGB color model.
SUBSTITUTE SHEETS (RULE 26)
PCT/EE2016/000001 2015-02-24 2016-02-25 Method for analysing if display data generated by an application has been tampered with WO2016134730A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP16710672.3A EP3262502A1 (en) 2015-02-24 2016-02-25 Method for analysing if display data generated by an application has been tampered with

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NO20150255 2015-02-24
NO20150255A NO339312B1 (en) 2015-02-24 2015-02-24 Secure data for display

Publications (1)

Publication Number Publication Date
WO2016134730A1 true WO2016134730A1 (en) 2016-09-01

Family

ID=55586110

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EE2016/000001 WO2016134730A1 (en) 2015-02-24 2016-02-25 Method for analysing if display data generated by an application has been tampered with

Country Status (3)

Country Link
EP (1) EP3262502A1 (en)
NO (1) NO339312B1 (en)
WO (1) WO2016134730A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109544170A (en) * 2018-11-26 2019-03-29 努比亚技术有限公司 A kind of transaction snapshot verification method, equipment and computer readable storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6873711B1 (en) * 1999-11-18 2005-03-29 Canon Kabushiki Kaisha Image processing device, image processing method, and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140201527A1 (en) * 2013-01-17 2014-07-17 Zohar KRIVOROT Systems and methods for secure and private delivery of content
GB2512140A (en) * 2013-03-22 2014-09-24 Classfiedapp Ltd Messaging system and method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6873711B1 (en) * 1999-11-18 2005-03-29 Canon Kabushiki Kaisha Image processing device, image processing method, and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
WALTON S: "IMAGE AUTHENTICATION FOR A SLIPPERY NEW AGE", DR. DOBB'S JOURNAL, M&T PUBL., REDWOOD CITY, CA, US, vol. 20, no. 4, 1 April 1995 (1995-04-01), pages 18 - 20,22,24, XP000198825, ISSN: 1044-789X *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109544170A (en) * 2018-11-26 2019-03-29 努比亚技术有限公司 A kind of transaction snapshot verification method, equipment and computer readable storage medium
CN109544170B (en) * 2018-11-26 2023-08-11 努比亚技术有限公司 Transaction snapshot verification method, device and computer readable storage medium

Also Published As

Publication number Publication date
NO20150255A1 (en) 2016-08-25
NO339312B1 (en) 2016-11-21
EP3262502A1 (en) 2018-01-03

Similar Documents

Publication Publication Date Title
US10798313B2 (en) Preserving privacy in surveillance
US8397275B1 (en) Time-varying sequenced image overlays for CAPTCHA
US9584543B2 (en) Method and system for web integrity validator
US7913292B2 (en) Identification and visualization of trusted user interface objects
US20190273750A1 (en) Methods and apparatus for detecting remote control of a client device
US20120299701A1 (en) Method and apparatus for passcode entry
Murdoch et al. How certification systems fail: Lessons from the Ware report
Nia et al. Assessing fraud risk factors of assets misappropriation: Evidences from Iranian banks
US9672581B2 (en) Multimodal biometric profiling
Sava et al. Assessing the impact of transformations on physical adversarial attacks
WO2016134730A1 (en) Method for analysing if display data generated by an application has been tampered with
CN115659295B (en) Page protection method, device, equipment and storage medium
CN109345186B (en) Service handling method based on Internet of things and terminal equipment
CN103650459A (en) Information presentation method and equipment
Shetty et al. Investigation of Card Skimming Cases: An Indian Perspective
CN112883951B (en) Method, system and storage medium for protecting sensitive content
US20190080100A1 (en) Identify and protect sensitive text in graphics data
Hole et al. Lessons from the Norwegian ATM system
Nashit Global cybercrimes, associated laws and befitting policies for Pakistan
US20170348994A1 (en) Invisible Luminescent Protection for Financial and Identification Documents
CN114550253B (en) Method and device for preprocessing face image in queuing scene
Sultanov et al. Peculiarities of the investigation of crimes and administrative offenses committed in the digital environment
Grillenmeier Protecting Active Directory against modern threats
Rusch Foreground and Background in Cybercrime: A Reply to Pinguelo and Muller
EP3557839A1 (en) Method for securing a computer system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16710672

Country of ref document: EP

Kind code of ref document: A1

REEP Request for entry into the european phase

Ref document number: 2016710672

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE