CN102393894B - Method and device for enhancing user information input security - Google Patents
Method and device for enhancing user information input security Download PDFInfo
- Publication number
- CN102393894B CN102393894B CN201110297951.6A CN201110297951A CN102393894B CN 102393894 B CN102393894 B CN 102393894B CN 201110297951 A CN201110297951 A CN 201110297951A CN 102393894 B CN102393894 B CN 102393894B
- Authority
- CN
- China
- Prior art keywords
- information
- input control
- input
- intercepted
- message transmission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Input From Keyboards Or The Like (AREA)
Abstract
The invention discloses a method and device for enhancing user information input security. The method comprises steps as follows: a timer triggers an input widget to generate interference information at definite time, and the input widget transmits the interference information to a message transfer chain; and when receiving the information on the message transfer chain, the input widget judges whether the received information contains interference information according to an interference time list or preset identifier value, if so, discards the received information, and else, saves the received information and transmits false information to the widget interface. After the generated interference information is interpolated into the message transfer chain, even if a hacker hook intercepts information on the transfer chain, the information is mixed information and can not endanger the user privacy, thereby enhancing the user information input security.
Description
Technical field
The present invention relates to information security field, particularly relate to a kind of method and apparatus improving user profile input safety.
Background technology
Along with the development of network technology, ecommerce develops with surprising rapidity, and meanwhile, the attack of hacker, the spreading unchecked of virus and trojan horse program, the security of network is day by day challenged.E-mail bomb, glacial epoch wooden horse, code red, shock wave virus, worm-type virus, Sasser etc., Virus Sample constantly changes renovation, performance characteristic is also very strange, its objective is that change computerized information makes its machine that can not normally run or delay, or network traffics of surging increase the network bandwidth, network congestion is blocked so that paralysis, or steal others' privacy.Particularly popular at present network robber miracle mutation, and the trojan horse program such as KeyLogger, to record key information for means, steal bank cipher, illegally obtain other people's money, gives the greater loss that contamination user causes.
From the principle of windows messaging transmission, keypad information (key assignments and scan code) is as expressly first being intercepted and captured by system by keypad interrupt program, corresponding application interface or focus window is passed to again according to Message Transmission chain, the program that other run in transmittance process can intercept and capture key information by modes such as hooks (Hook), trojan horse steals important information by intercepting and capturing key information just, as user account, password etc., privacy of user is revealed, and there is great potential safety hazard.
Summary of the invention
The object of the invention is to overcome the deficiencies in the prior art, provide a kind of method and apparatus improving user profile input safety, it has the feature of safe ready.
The invention provides a kind of method improving user profile input safety, comprising:
Steps A: timer clocked flip input control generates interfere information, and described interfere information is sent on Message Transmission chain by described input control;
Step B: when described input control receives the information on described Message Transmission chain, described input control judges whether have interfere information in the information received according to the value of list interference time or default mark, be, the information received described in abandoning, otherwise the information received described in preserving, sends false information to control interfaces.
Wherein, also comprised before described steps A: described input control starts described timer after receiving the triggering of input cursor and starts working.
Wherein, also comprised before described steps A: keyboard hook program is linked in application program by described input control, described input control starts described keyboard hook program after receiving the triggering of input cursor and starts working.
Wherein, input control described in described timer clocked flip unloads described keyboard hook program and is again linked in application program, and described keyboard hook program is started working.
Wherein, described keyboard hook program is intercepted and captured the information on described Message Transmission chain and is sent to described input control.
Wherein, described steps A is specially:
Input control described in described timer clocked flip generates interfering data, the transmitting time of described interfering data and described interfering data is formed interfere information, and described interfere information is sent on described Message Transmission chain, the transmitting time that described input control stores described interfering data generates list interference time.
Wherein, described step B is specially:
Described input control search in described list interference time described in transmitting time in the information that receives, as found, delete the transmitting time found in described list interference time, and the information received described in abandoning, as do not found, from the described information received, extracting real key data and preserve, generate false information and send it to control interfaces.
The invention provides the another kind of method improving user profile input safety, comprising:
Steps A: keyboard hook program is linked in application program by input control;
Step B: input control described in timer clocked flip generates interfere information and sends it on Message Transmission chain;
Step C: when described keyboard hook program intercepts and captures the information on described Message Transmission chain, described keyboard hook program is according to list interference time or preset whether the information intercepted described in the value judgement of mark is real key information, be, the information intercepted described in preserving, otherwise the described information intercepted is sent to lower floor's hook.
Wherein, also comprise between described steps A and step B: described input control starts described timer after receiving the triggering of input cursor and keyboard hook program is started working.
Wherein, input control described in described timer clocked flip unloads described keyboard hook program and is again linked in application program, and described keyboard hook program is started working.
Wherein, described step B is specially:
Input control described in described timer clocked flip generates interfering data, the transmitting time of described interfering data and described interfering data is formed interfere information by described input control, and described interfere information is sent on described Message Transmission chain, the transmitting time that described input control stores described interfering data generates list interference time.
Wherein, described step C is specially:
When described keyboard hook program intercepts and captures the information on described Message Transmission chain, described keyboard hook program search in described list interference time described in transmitting time in the information that intercepts, as do not found, the information intercepted described in preserving, as found, the described information intercepted being sent to lower floor's hook, deleting the transmitting time found in described list interference time.
Wherein, described method also comprises: as described in keyboard hook program judge as described in the information that intercepts be real key information time, described input control generates false information and also sends it to control interfaces.
Invention further provides a kind of device improving user profile input safety, comprise input control module and time block;
Described input control module comprises:
Generate transmitting element, for generating interfere information and sending it to Message Transmission chain;
Receiving element, for receiving the information on described Message Transmission chain;
Judge processing unit, comprising:
Judgment sub-unit, for judging whether have interfere information in the information in described receiving element according to the value of list interference time or default mark;
First storing sub-units, in the described information received without the information that receives described in preserving during described interfere information;
First generates subelement, for generating false information without during described interfere information in the described information received;
First sends subelement, for described false information being sent to control interfaces without during described interfere information in the described information received;
Discarding unit, abandons the described information received for having in the described information received during described interfere information;
Described time block is used for generating transmitting element described in clocked flip and starts working.
Wherein, described input control module also comprises start unit, starts working for starting described time block after receiving the triggering of input cursor.
Wherein, described device also comprises interception module, for from acquisition of information on described Message Transmission chain, and the described information intercepted is sent to described receiving element;
Described start unit is also started working for starting described interception module after receiving the triggering of input cursor;
Described time block restarts work after also quitting work for interception module described in clocked flip again.
Wherein, described generation transmitting element specifically comprises:
Second generates subelement, for generating interfering data;
Combination subelement, for forming described interfere information by the transmitting time of described interfering data and described interfering data;
Second storing sub-units, generates list interference time for the transmitting time storing described interfering data;
Second sends subelement, for the described interfere information in described combination subelement is sent to Message Transmission chain.
Wherein, described judgement processing unit also comprises extraction subelement and deletes subelement;
Described judgment sub-unit is specifically for the transmitting time in the information that receives described in searching in described second storing sub-units;
During transmitting time in the information that receives described in described extraction subelement is used for not finding in described second storing sub-units, from the described information received, extract real key data;
The real key data of described first storing sub-units specifically for extracting described in preserving;
Described deletion subelement is for deleting the transmitting time found in described second storing sub-units.
Invention further provides the another kind of device improving user profile input safety, comprise input control module, keyboard hook module and time block;
Described input control module comprises:
First generates transmitting element, for generating interfere information and sending it to Message Transmission chain;
Described keyboard hook module comprises:
Intercept and capture unit, for from acquisition of information on described Message Transmission chain;
Judge processing unit, comprising:
Judgment sub-unit: whether the information for intercepting according to the value judgement of list interference time or default mark is real key information;
First storing sub-units, for being the information that intercepts described in preserving during real key information in the described information intercepted;
First sends subelement, for the described information intercepted being sent to lower floor's hook when the described information intercepted is non-genuine key information;
Described time block is used for the first generation transmitting element described in clocked flip and intercepts and captures unit starting working, and also restarts work again for intercepting and capturing described in clocked flip after unit quits work.
Wherein, described input control module also comprises start unit, starts working for starting described time block after receiving the triggering of input cursor.
Wherein, described first generation transmitting element comprises:
First generates subelement, for generating interfering data;
Combination subelement, for forming described interfere information by the transmitting time of described interfering data and described interfering data;
Second storing sub-units, generates list interference time for the transmitting time storing described interfering data;
Second sends subelement, for the described interfere information in described combination subelement is sent to described Message Transmission chain.
Wherein, described judgement processing unit also comprises deletion subelement;
Described judgment sub-unit is specifically for the transmitting time in the information that receives described in searching in described second storing sub-units;
The transmitting time of described deletion subelement for finding described in deleting in described second storing sub-units.
Wherein, described input control module also comprises the second generation transmitting element, for generating false information when the described information intercepted is real key information, and described false information is sent to control interfaces.
The present invention compared with prior art, has the following advantages:
By the interfere information of generation is inserted on Message Transmission chain, even if hacker's hook intercepts the information on transfer chain, is also mixed information, can not works the mischief to privacy of user; By timing unloading and installation keyboard hook program, ensure that keyboard hook program can intercept the information on Message Transmission chain in time, by interfere information and real key data separation out, can not affect the work of control interfaces, strengthen the security of user profile input simultaneously.
Accompanying drawing explanation
Fig. 1 is real key information and the interfere information mixed transport schematic diagram on transfer chain in this enforcement of the present invention one;
A kind of method flow diagram improving user profile input safety that Fig. 2 provides for the embodiment of the present invention one;
The method flow diagram of the another kind raising user profile input safety that Fig. 3 provides for the embodiment of the present invention two;
The method flow diagram of another raising user profile input safety that Fig. 4 provides for the embodiment of the present invention three;
The method flow diagram of another raising user profile input safety that Fig. 5 provides for the embodiment of the present invention four;
A kind of block scheme improving the device of user profile input safety that Fig. 6 provides for the embodiment of the present invention five;
Fig. 7 is the concrete schematic diagram of the input control module in Fig. 6;
A kind of specific implementation block diagram improving the device of user profile input safety that Fig. 8 provides for the embodiment of the present invention six;
Another implementation schematic diagram of the device that Fig. 9 provides for the embodiment of the present invention six.
Specific embodiment
For making the object, technical solutions and advantages of the present invention clearly, below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Technical scheme of the present invention is by realizing at input control and timed sending device, concrete is: timer clocked flip input control calls call back function (as keybd_event function and SendInput function) and generates interfere information and send it on Message Transmission chain, the information that Message Transmission chain transmits is the mixed information of interfere information and real key information, even if it is also non-real key information that hacker's hook intercepts information from Message Transmission chain, improve the security of user profile input, real key information and the interfere information mixed transport process on transfer chain as shown in Figure 1.
Embodiment one
The embodiment of the present invention one provides a kind of method improving user profile input safety, information in the present embodiment on Message Transmission chain is made up of data and transmitting time, as interfere information comprises the transmitting time of interfering data and this interfering data, real key information comprises the transmitting time of real key data and this real key, input control distinguishes interfere information and button real information by transmitting time, as shown in Figure 2, comprising:
S101: input control receives input cursor and triggers, starts timer and starts working;
S102: timer clocked flip input control generates interfering data, the transmitting time of interfering data and this interfering data is formed interfere information by input control, is sent to by interfere information on Message Transmission chain;
Preferably, in the present embodiment, timer clocked flip input control calls keybd_event functional simulation input through keyboard and generates interfering data; Keybd_event function is provided by Windows API (window application interface); Concrete, timer triggers once every 500 milliseconds;
S103: the transmitting time that input control stores interfering data generates list interference time;
S104: when information on input control receipt message transfer chain, searching the transmitting time in the information received in list interference time, as found, perform S105, as do not found, performing S106;
When there being real key information, the information on Message Transmission chain is the mixed information (with reference to Fig. 1) of real key information and interfere information; Real key information comprises transmitting time and the real key data of real key;
As being provided with keyboard hook program in the present embodiment, the information on keyboard hook program intercepting messages transfer chain is also transmitted to input control;
S105: input control deletes the transmitting time found in list interference time, abandons the information received;
As being provided with keyboard hook in the present embodiment, S105 replaces with S105 ',
S105 ': input control deletes the transmitting time found in list interference time, and the described information received is sent to lower floor's hook;
S106: input control extracts real key data and preserves from the information received;
S107: input control generates false information and sends it to control interfaces.
In the present embodiment, timer clocked flip input control generates interfering data, the transmitting time of interfering data and this interfering data is formed interfere information and sends it on Message Transmission chain by input control, make to comprise interfere information in the information on Message Transmission chain, even if intercepted and captured by hacker's hook, also can not divulge privacy of user, improve the security of user profile input.
Embodiment two
Intercepted and captured by hacker's hook program for preventing the data on the present embodiment one Message Transmission chain, the present embodiment two provides the another kind of method improving user profile input safety, on the basis of embodiment one, be provided with keyboard hook program, the information on intercepting messages transfer chain is competed by keyboard hook program and hacker's hook program, the information intercepted sends to input control to process by keyboard hook program, the method of the present embodiment as shown in Figure 3, comprising:
S201: keyboard hook program is linked in application program by input control;
In the present embodiment, keyboard hook program is linked in application program by the HHOOKSetWindowsHookEx function calling API (Chinese: application programming interfaces) by input control; Keyboard hook program, hacker's hook program form Hook chain together with other hook program, and in Hook chain, last hook program of installing is in the top, and the hook installed at first is in bottom, and the hook namely installed afterwards preferentially obtains control;
S202: input control receives input cursor and triggers, starts keyboard hook program and timer is started working;
Concrete, in the present embodiment, timer triggers input control unloading keyboard hook program every 10 milliseconds and is again linked in application program, and keyboard hook program is started working;
S203: timer clocked flip input control generates interfere information, and sends it on Message Transmission chain;
Preferably, in the present embodiment, timer clocked flip input control calls SendInput functional simulation input through keyboard and generates interfere information, and sends it on Message Transmission chain; SendInput function is provided by Windows API (window application interface); Concrete, timer triggers once every 500 milliseconds;
S204: the information on keyboard hook program intercepting messages transfer chain, and acquisition of information is sent to input control;
S205: when input control receives the acquisition of information of keyboard hook program transmission, judging whether have interfere information in acquisition of information according to the value of default mark, is perform S206, otherwise performs S207;
S206: acquisition of information is sent to lower floor's hook by input control;
S207: input control preserves acquisition of information, generates false information and sends it to control interfaces.
In the present embodiment, keyboard hook program is reinstalled in timing unloading, and the priority making it obtain control compared with hacker's hook program is higher, also can arrange the chance that multiple keyboard hook program makes it intercept information from Message Transmission chain larger; In real key information, be mixed into interfere information, prevent the information on Message Transmission chain from being intercepted and captured by hacker's hook, improve the security of user profile input.
Embodiment three
The embodiment of the present invention three provides another to improve the method for user profile input safety, multiple keyboard hook program is set in the method, compared with hacker's hook program, the chance intercepting information from Message Transmission chain is larger, and keyboard hook program intercepts information from Message Transmission chain and does not send to input control but by oneself, as shown in Figure 4, the method that the present embodiment provides comprises:
S301: multiple keyboard hook program is linked in application program by input control;
In the present embodiment, keyboard hook program is linked in application program by the HHOOK SetWindowsHookEx function calling API by input control;
S302: input control receives input cursor and triggers, starts keyboard hook program and timer is started working;
Concrete, in the present embodiment, timer triggers input control every 10 milliseconds and unloads all keyboard hook programs and be again linked in application program, and all keyboard hook programs are started working;
S303: timer clocked flip input control generates interfering data, the transmitting time of interfering data and this interfering data is formed interfere information by input control, and is sent to by interfere information on Message Transmission chain;
Preferably, in the present embodiment, timer clocked flip input control calls SendInput functional simulation input through keyboard and generates interfering data, and is sent to by interfere information on Message Transmission chain; SendInput function is provided by Windows API (window application interface); Concrete, timer triggers once every 500 milliseconds;
S304: the transmitting time that input control stores interfering data generates list interference time;
S305: when information on keyboard hook program intercepting messages transfer chain, searching the transmitting time in the information intercepted in list interference time, as found, perform S306, as do not found, performing S308;
S306: the information intercepted is sent to lower floor's hook by keyboard hook program;
Concrete, in the present embodiment, in keyboard hook routine call Windows API, interfering data is sent to lower floor's hook by CallNextHookEx function;
S307: keyboard hook program deletes the transmitting time found in list interference time;
S308: the information intercepted described in the preservation of keyboard hook program;
S309: keyboard hook Program Generating false information also sends it to control interfaces.
The method that the embodiment of the present invention provides, keyboard hook program intercepts the information on Message Transmission chain, the real key information in the information intercepted is judged by list interference time, and generate a dummy message when the information intercepted is real key information and send to lower floor's hook, obscure the illegal operation of lower floor's hook to real key information.
Embodiment four
The embodiment of the present invention four provides the method that another improves user profile input safety, keyboard hook program distinguishes by the value presetting mark the real key information and interfere information that intercept in information in the method, with reference to figure 5, the method for the present embodiment specifically comprises:
S401: keyboard hook program is linked in application program by input control;
Concrete, keyboard hook program is linked in application program by the HHOOK SetWindowsHookEx function calling API by input control; In the present embodiment, keyboard hook program can arrange multiple, and the chance making it intercept information from Message Transmission chain compared with other hook program is larger;
S402: input control receives input cursor and triggers, starts keyboard hook program and timer is started working;
In the present embodiment, timer timing (as every 10 milliseconds) triggers input control and unloads all keyboard hook programs and be again linked in application program, and keyboard hook program is started working;
S403: timer clocked flip input control generates interfere information and sends it on Message Transmission chain;
Preferably, in the present embodiment, timer clocked flip input control calls SendInput function or keybd_event function and generates interfere information and be sent on Message Transmission chain; Wherein SendInput function, keybd_event function are provided by Windows API, and timer triggers once every 500 milliseconds;
Trigger when generating real key information when there being button, real key information is also sent on Message Transmission chain by input control, the transmission of Message Transmission chain be the mixed information (as shown in Figure 1) of real key information and interfere information;
S404: when keyboard hook program is from Message Transmission chain during acquisition of information, judge whether the information intercepted is real key information, is perform S405 according to the value of default mark, otherwise perform S407;
In the present embodiment, deterministic process is specially: keyboard hook program judges whether the value of real key mark in the information intercepted is preset value; Real key is designated dwFlags and dwExtraInfo, and preset value is 0;
S405: keyboard hook program preserves the information intercepted;
S406: keyboard hook Program Generating dummy message, sends to control interfaces by dummy message;
S407: the information intercepted is sent to lower floor's hook by keyboard hook program;
Concrete, in the present embodiment, in keyboard hook routine call Windows API, the information intercepted is sent to lower floor's hook by CallNextHookEx function.
For ensureing that keyboard hook program can intercept information from Message Transmission chain, in the present embodiment, in S401, multiple keyboard hook program is linked in application program by input control, in each keyboard hook program, same call back function is set, timer clocked flip input control unloads all keyboard hook programs and is linked in application program, and all keyboard hook programs are started working.
The method that the embodiment of the present invention provides, by being inserted on Message Transmission chain by the interfere information of generation, even if hacker's hook intercepts the information on transfer chain, also can not work the mischief to privacy of user; By timing unloading and installation keyboard hook program, ensure that keyboard hook program intercepts the information on Message Transmission chain in time, and by interfere information and real key data separation out, do not affect the work of control interfaces, strengthen the security of user profile input simultaneously.
Embodiment five
The embodiment of the present invention five provides a kind of device improving user profile input safety, as shown in Figure 6, comprises input control module 1 and time block 2;
Wherein input control module 1 comprises:
Generate transmitting element 11, for generating interfere information and sending it to Message Transmission chain;
Receiving element 12, the information on receipt message transfer chain;
Judge processing unit 13, comprising:
Judgment sub-unit 131, for judging whether have interfere information in the information in receiving element according to the value of list interference time or default mark;
First storing sub-units 132, for preserving the information received in the information received during noiseless information;
First generates subelement 133, for generating false information during noiseless information in the information received;
First sends subelement 134, for the false information of generation being sent to control interfaces during noiseless information in the information received;
Discarding unit 14, abandons the described information received for having in the described information received during described interfere information;
Concrete, in the present embodiment, input control module 1 also comprises start unit 15, starts working for starting time block 2 after receiving the triggering of input cursor;
Time block 2 generates transmitting element 11 for clocked flip and starts working;
Device in the present embodiment also comprises interception module 3, for from acquisition of information on Message Transmission chain, and the information intercepted is sent to receiving element 12;
Start unit 14 is also started working for starting interception module 3 after receiving the triggering of input cursor;
Time block 2 restarts work after also quitting work for clocked flip interception module 3 again.
As shown in Figure 7, the generation transmitting element 11 in the input control module 1 in the present embodiment specifically comprises:
Second generates subelement 111, for generating interfering data;
Combination subelement 112, for forming interfere information by the transmitting time of interfering data and interfering data;
Second storing sub-units 113, generates list interference time for the transmitting time storing interfering data;
Second sends subelement 114, for the interfere information in combination subelement is sent to Message Transmission chain.
Judge that processing unit 13 also comprises extract subelement 135 and delete subelement 136;
Judgment sub-unit 131 specifically for searching the transmitting time in the information received in the second storing sub-units 113;
When extracting subelement 135 for not finding the transmitting time in the information received in the second storing sub-units 113, from the information received, extract real key data;
First storing sub-units 132 is specifically for preserving the real key data extracted;
Delete subelement 136 for deleting the transmitting time found in the second storing sub-units 113.
Embodiment six
The embodiment of the present invention six provides the another kind of device improving user profile input safety, as shown in Figure 8, comprises input control module 4, keyboard hook module 5 and time block 6;
Input control module 4 comprises:
First generates transmitting element 41, for generating interfere information and sending it to Message Transmission chain;
In the present embodiment, input control module 4 also comprises start unit 42, starts working for starting time block 6 after receiving the triggering of input cursor.
Keyboard hook module 5 comprises:
Intercept and capture unit 51, for from acquisition of information on Message Transmission chain;
Judge processing unit 52, comprising:
Judgment sub-unit 521: for judging whether the information intercepted is real key information according to the value of list interference time or default mark;
First storing sub-units 522, for preserving this information intercepted when the information intercepted is real key information;
First sends subelement 523, for the information that this intercepts being sent to lower floor's hook when the information intercepted is non-genuine key information;
Time block 6 generates transmitting element 41 for clocked flip first and intercepts and captures unit 51 and starts working, and also intercepts and captures after unit 51 quits work for clocked flip and restarts work again.
The device that the present embodiment provides also has another kind of implementation, and as shown in Figure 9, first generates transmitting element 41 comprises:
First generates subelement 411, for generating interfering data;
Combination subelement 412, for forming interfere information by the transmitting time of interfering data and this interfering data;
Second storing sub-units 413, generates list interference time for the transmitting time storing interfering data;
Second sends subelement 414, for the interfere information in combination subelement 412 is sent to Message Transmission chain;
Judge that processing unit 52 also comprises and delete subelement 524;
Judgment sub-unit 521 is for the transmitting time in the information that receives described in searching in described second storing sub-units 413;
Delete subelement 524 for deleting the transmitting time found in the second storing sub-units 413.
Input control module 4 also comprises the second generation transmitting element 43, generates false information, and false information is sent to control interfaces during for being real key information in the information intercepted.
The method and apparatus that the embodiment of the present invention provides, by being sent on Message Transmission chain by the interfere information of generation, even if hacker's hook intercepts the information on transfer chain, being also mixed information, can not working the mischief to privacy of user; Unload by timing and reinstall keyboard hook program, ensure that keyboard hook program can intercept the information on Message Transmission chain in time, by interfere information and real key data separation out, do not affect the work of control interfaces, strengthen the security of user profile simultaneously.
These are only preferred embodiment of the present invention, not in order to limit the present invention, within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (2)
1. improve a method for user profile input safety, it is characterized in that, comprising:
Steps A: multiple keyboard hook program is linked in application program by input control; Described input control starts first timer, second timer and described multiple keyboard hook program after receiving the triggering of input cursor and starts working; The input control described multiple keyboard hook program of unloading described in described first timer clocked flip is also linked in application program again, and described multiple keyboard hook program is started working;
Step B: input control described in described second timer clocked flip generates interfering data, the transmitting time of described interfering data and described interfering data is formed interfere information by described input control, and described interfere information is sent on Message Transmission chain, the transmitting time that described input control stores described interfering data generates list interference time;
Step C: when one of them keyboard hook program intercepts and captures the information on described Message Transmission chain, described keyboard hook program searches the transmitting time in the information intercepted in described list interference time, as do not found, the information intercepted described in described keyboard hook program preservation, generate false information and send it to control interfaces, as found, the described information intercepted being sent to lower floor's hook, deleting the transmitting time found in described list interference time.
2. improve a device for user profile input safety, it is characterized in that, comprise input control module, keyboard hook module and time block;
Described input control module comprises:
First generates transmitting element, for generating interfere information and sending it to Message Transmission chain, specifically comprises:
Promoter unit, starts working for starting described time block after receiving the triggering of input cursor;
First generates subelement, for generating interfering data;
Combination subelement, for forming described interfere information by the transmitting time of described interfering data and described interfering data;
Second storing sub-units, generates list interference time for the transmitting time storing described interfering data;
Second sends subelement, for the described interfere information in described combination subelement is sent to described Message Transmission chain; Described keyboard hook module comprises:
Intercept and capture unit, for from acquisition of information on described Message Transmission chain;
Judge processing unit, comprising:
Judgment sub-unit: for searching the transmitting time in the information intercepted in described second storing sub-units, as found, described in the information that intercepts be interfere information, as do not found, described in the information that intercepts be real key information; First storing sub-units, for being the information that intercepts described in preserving during real key information in the described information intercepted;
First sends subelement, for the described information intercepted being sent to lower floor's hook when the described information intercepted is non-genuine key information;
Second generates transmitting element, for generating false information when the described information intercepted is real key information, and described false information is sent to control interfaces;
Delete subelement, in the transmitting time of the described information intercepted for finding described in deleting during non-genuine key information in described second storing sub-units;
Described time block comprises the first timing unit and the second timing unit, described second timing unit is used for the first generation transmitting element described in clocked flip and intercepts and captures unit starting working, and described first timing unit is used for intercepting and capturing after unit quits work described in clocked flip restarting work again.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110297951.6A CN102393894B (en) | 2011-09-30 | 2011-09-30 | Method and device for enhancing user information input security |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110297951.6A CN102393894B (en) | 2011-09-30 | 2011-09-30 | Method and device for enhancing user information input security |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102393894A CN102393894A (en) | 2012-03-28 |
CN102393894B true CN102393894B (en) | 2015-07-22 |
Family
ID=45861217
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110297951.6A Expired - Fee Related CN102393894B (en) | 2011-09-30 | 2011-09-30 | Method and device for enhancing user information input security |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102393894B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103164650B (en) * | 2013-03-26 | 2016-08-03 | 北京奇虎科技有限公司 | The implementation method of browser side safe control and browser |
US11366816B2 (en) | 2014-03-07 | 2022-06-21 | Capitalogix Ip Owner, Llc | Secure intelligent networked systems |
CN104573484A (en) * | 2014-12-31 | 2015-04-29 | 上海动联信息技术股份有限公司 | Highly safe password input box |
CN106293486B (en) | 2015-05-29 | 2020-08-25 | 腾讯科技(深圳)有限公司 | Interaction method and device between terminals |
US10423800B2 (en) | 2016-07-01 | 2019-09-24 | Capitalogix Ip Owner, Llc | Secure intelligent networked architecture, processing and execution |
CN107844717A (en) * | 2016-09-21 | 2018-03-27 | 中兴通讯股份有限公司 | Safe input system, method and intelligent terminal |
CN106446678A (en) * | 2016-09-22 | 2017-02-22 | 武汉斗鱼网络科技有限公司 | Method and system for protecting network account based on handle function |
US10387679B2 (en) | 2017-01-06 | 2019-08-20 | Capitalogix Ip Owner, Llc | Secure intelligent networked architecture with dynamic feedback |
CN109598872B (en) * | 2018-12-06 | 2021-02-05 | 深圳市新国都支付技术有限公司 | Method and system for applying interference signal to keyboard through analog waveform |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1719370A (en) * | 2004-07-09 | 2006-01-11 | 中国民生银行股份有限公司 | Method of implementing cipher protection against computer keyboard information interfference |
CN101441689A (en) * | 2007-11-23 | 2009-05-27 | 杨筑平 | Login protection method |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3395163B2 (en) * | 1997-12-08 | 2003-04-07 | 沖電気工業株式会社 | Apparatus and method for automatically verifying communication software |
JP2002314929A (en) * | 2001-04-10 | 2002-10-25 | Victor Co Of Japan Ltd | Method of recording and reproducing video signal, video signal recorder, reproducing device and recording medium thereof |
CN100485708C (en) * | 2007-08-07 | 2009-05-06 | 江雨 | Input data safe treatment method and device |
-
2011
- 2011-09-30 CN CN201110297951.6A patent/CN102393894B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1719370A (en) * | 2004-07-09 | 2006-01-11 | 中国民生银行股份有限公司 | Method of implementing cipher protection against computer keyboard information interfference |
CN101441689A (en) * | 2007-11-23 | 2009-05-27 | 杨筑平 | Login protection method |
Also Published As
Publication number | Publication date |
---|---|
CN102393894A (en) | 2012-03-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102393894B (en) | Method and device for enhancing user information input security | |
CN109495443B (en) | Method and system for resisting Lexong software attack based on host honeypot | |
EP2005350B1 (en) | Method and system for mobile network security, related network and computer program product | |
CN102523223B (en) | Trojan detection method and apparatus thereof | |
CN101478407B (en) | Method and apparatus for on-line safe login | |
CN106161395B (en) | Method, device and system for preventing brute force cracking | |
US10218717B1 (en) | System and method for detecting a malicious activity in a computing environment | |
WO2008131667A1 (en) | Method, device for identifying service flows and method, system for protecting against a denial of service attack | |
CN107204965B (en) | Method and system for intercepting password cracking behavior | |
WO2018157626A1 (en) | Threat detection method and apparatus | |
CN111010384A (en) | Self-security defense system and security defense method for terminal of Internet of things | |
CN100345078C (en) | Method of implementing cipher protection against computer keyboard information interfference | |
CN113904820A (en) | Network intrusion prevention method, system, computer and readable storage medium | |
CN111859374B (en) | Method, device and system for detecting social engineering attack event | |
CN108989294A (en) | A kind of method and system for the malicious user accurately identifying website visiting | |
CN104125213A (en) | Distributed denial of service DDOS attack resisting method and device for firewall | |
CN104883364A (en) | Method and device for judging abnormity of user access server | |
CN104796386A (en) | Detection method, device and system of botnet | |
US10237287B1 (en) | System and method for detecting a malicious activity in a computing environment | |
CN105991509A (en) | Session processing method and apparatus | |
KR20110004935A (en) | Malicious file detection system, malicious file detection apparatus and its method | |
US20130104233A1 (en) | Network data control device and network data control method for controling network data that generates malicious code in mobile equipment | |
CN107154926A (en) | A kind of recognition methods and system for forging the fishing mail of sender | |
CN106203096B (en) | A kind of application program identifying processing method and device | |
CN111107069A (en) | DoS attack protection method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150722 |