KR20110049196A - Hacking protection input system - Google Patents
Hacking protection input system Download PDFInfo
- Publication number
- KR20110049196A KR20110049196A KR1020090106101A KR20090106101A KR20110049196A KR 20110049196 A KR20110049196 A KR 20110049196A KR 1020090106101 A KR1020090106101 A KR 1020090106101A KR 20090106101 A KR20090106101 A KR 20090106101A KR 20110049196 A KR20110049196 A KR 20110049196A
- Authority
- KR
- South Korea
- Prior art keywords
- flash
- module
- input
- action
- user computer
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/629—Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0484—Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
- G06F3/04842—Selection of displayed objects or displayed text elements
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Human Computer Interaction (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
Description
The present invention relates to a hacking prevention system, and more particularly, even if a computer user accesses a specific site on the Internet and inputs a password (PW), the hacking attempt performed by a hacker by a key input or a click input can be blocked. It relates to a hacking prevention system for input.
Due to the rapid development of Internet technology, there is a positive aspect of reorganizing the industrial structure and improving work efficiency.However, if you want to use various fields such as authentication sites, online internet banking, e-commerce, etc. Since personal information must be entered, there is a concern that personal information that must be kept confidential is exposed to hackers.
As personal information is exposed to hackers and stolen, the damage cases are on the rise, and ways to prevent this are being studied in various directions.
For example, a malicious hacker uses a keylogger program to leak personal information, which is installed on a user's computer to record important personal information, such as a password that a user enters through a keyboard, or log in real time. It has a structure to send to.
Thus, if such a malicious program is installed by a hacker on the user's computer, serious problems may occur when using Internet online banking.
In order to solve the above problems, Patent Application No. 2001-62289 "ActiveX-based keyboard hacking prevention method and apparatus" and Patent Application No. 2002-121141 "Keyboard hacking prevention method" and Patent Application No. 2002-43576 "How to prevent hacking of keystroke data and a computer-readable recording medium recording the same" and Patent Application No. 2003-25951 "Keyboard hacking prevention method using virtual keyboard data transmission" and Patent Application No. 2003-76291 "Keyboard Security method and system, and Patent Application No. 2004-15665, "Keyboard hacking blocking method and a recording medium recording the program." The patent application is applied to a user's computer using Active X technology. It automatically installs a secure keyboard driver to protect the values entered on the keyboard.
These keyboard security solutions can be installed and run on a user's computer. Then, when the user communicates with the Internet, the keyboard security program is automatically executed to identify and block known keyboard hacking programs or to encrypt key values on the keyboard driver. The keylogger is automatically executed to identify and block a known keyboard hacking program or to encrypt a key value on the keyboard driver to disable the keylogger program and to operate the secure keyboard driver to block hacking.
However, the keyboard hacking prevention technology according to the above patent applications has a number of disadvantages, so there is a big problem that can not block the applied hacking technology, the problem occurs when the first known keyboard hacking program, hackers directly If a developed or used source code of a known keylogger program is modified, a variant program cannot be detected when identifying a keyboard hacking program, and thus there is a possibility that information input by a user is leaked.
In addition, the development of key logger programs is developed among general programmers who have no hacking knowledge through API (Application Program Interface) hooking technology. It is because it becomes.
In addition, the solutions for preventing keyboard hacking are developed to be installed on the user's computer through the ActiveX technology, which assumes that the keylogger program is installed on the user's computer, so that the user's computer is already taken over by the hacker. It must be assumed that hackers can analyze the keyboard hacking prevention solution installed on the user's computer in advance, and this analysis can reversely tamper with the keyboard security program running on the user's computer, thereby preventing keyboard hacking. After the program is disabled, when the keylog program is executed, there is a problem that information input by the user may leak.
Techniques for preventing keyboard hacking under the assumption that a key logger program is installed to block the hacking techniques in order to overcome the limitations of the keyboard security solutions are disclosed in Patent Application No. 2004-83378 "Keyboard hacking prevention method using a mouse". And Patent Application No. 2003-3223, "Method for Preventing Key Input Theft," The solution uses a virtual keyboard and a virtual mouse so that the user can input information without using a keyboard at all during internet communication. Block personal information leakage due to keyboard hacking.
However, the hacking prevention techniques using the virtual keyboard and the virtual mouse have a problem of being disabled by a method of capturing an image by a mouse click event. That is, a hacker captures a mouse or screen image or records mouse coordinates every time a mouse key is input using the API hooking technology on the user's computer to leak the captured user's personal information in a similar manner to the keylogger program. There was this.
Accordingly, the present invention has been made to solve the above-mentioned problems according to the prior art, the object of the present invention is that even if a computer user accesses a specific site on the Internet and enters the password (PW) by the hacker key input or In order to block hacking attempts made by click input, it provides Action Guard flash when entering personal information such as password so that personal information can be input to user's computer without additional installation work. The present invention provides a hacking prevention system for inputs to prevent personal information from being leaked.
However, the object of the present invention is not limited to the above-mentioned object, other objects that are not mentioned will be clearly understood by those skilled in the art from the following description.
Features of the hacking prevention system for the input according to the present invention for achieving the above object,
A
As a result of the determination of the
When the mouse pointer of the
A
If the operation guard flash 18 action of the
As described above, the hacking prevention system for the input according to the present invention is safe for hacking by an event caused by a click on a keyboard or a mouse, and blocks the input information theft using a keyboard hooking technique such as a key logger. As it is dynamically moved by mouse action by the initial setting and dialing method, it has a safe effect on the hacking method of recording coordinates or screen capture method.
In addition, the present invention has the effect that it can be executed in conjunction with a sufficient number of processes without competing with other keyboard security programs to preempt key input.
Hereinafter, a preferred embodiment of the hacking prevention system for the input according to the present invention will be described. In the following description of the present invention, detailed descriptions of well-known functions or configurations will be omitted when it is deemed that they may unnecessarily obscure the subject matter of the present invention.
1 is a view schematically showing a connection relationship between a user computer and a web server to which the present invention is applied, FIG. 2 is a view schematically showing a configuration of a hacking prevention system for an input according to the present invention, and FIG. 3 is FIG. FIG. 4A is a view showing an action guard flash displayed on a screen of a user computer by the flash execution module. FIG. 4A is a detailed view of the action guard flash of FIG.
As shown in Figures 1 to 3, the hacking prevention system for the input according to the present invention,
Determining whether the
As a result of the determination of the
When the mouse pointer of the
A
When the action guard flash 18 action of the
The
Looking at the operation of the anti-hacking system for the input according to the present invention configured as described above with reference to Figs.
First, the
As a result of the determination of the
In addition, the
For example, in order to log in to the
In addition, assuming that the password is '0847', if the '0' is located in the arrow at the time of initialization, if the '0' is aligned with the arrow again by turning in the advancing direction, a single digit is input accordingly, and the input number is the control module. According to the control signal of 16, the number input to the
On the other hand, as a result of the input of the
For example, if the first password '0' matches the arrow through redirection, the one digit password is entered and the next digit number '8' is reversed from the direction to proceed to position the arrow. Go ahead and place it on the arrow.
In the same manner as above, '4' and '7' are input to the action guard flash by the change of direction.
In addition, the
The above detailed description is merely illustrative of the present invention, which is used only for the purpose of illustrating the present invention and is not intended to limit the scope of the invention as defined in the claims or the claims. Therefore, those skilled in the art will understand that various modifications and equivalent other embodiments are possible from this. Therefore, the true technical protection scope of the present invention will be defined by the technical spirit of the appended claims.
1 is a view schematically showing a connection relationship between a user computer and a web server to which the present invention is applied;
2 is a view schematically showing the configuration of an anti-hacking system for an input according to the present invention;
3 is a view showing an action guard flash displayed on the screen of the user computer by the flash execution module of FIG.
Figure 4a is a detailed view of the action guard flash of Figure 3,
4B is another detailed view of the action guard flash of FIG. 3.
<Description of the symbols for the main parts of the drawings>
10: web server 12: homepage
14: user computer 16: control module
18: action guard flash 20: flash execution module
22: input module 24: progress module
28: initialization module 30: storage module
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020090106101A KR20110049196A (en) | 2009-11-04 | 2009-11-04 | Hacking protection input system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020090106101A KR20110049196A (en) | 2009-11-04 | 2009-11-04 | Hacking protection input system |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20110049196A true KR20110049196A (en) | 2011-05-12 |
Family
ID=44360371
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020090106101A KR20110049196A (en) | 2009-11-04 | 2009-11-04 | Hacking protection input system |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20110049196A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2648126A1 (en) | 2012-04-05 | 2013-10-09 | LG CNS Co., Ltd. | Method of authenticating user, server and mobile terminal performing the same |
WO2020138822A1 (en) * | 2018-12-24 | 2020-07-02 | 삼성전자 주식회사 | Electronic device and key input method therefor |
-
2009
- 2009-11-04 KR KR1020090106101A patent/KR20110049196A/en not_active Application Discontinuation
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2648126A1 (en) | 2012-04-05 | 2013-10-09 | LG CNS Co., Ltd. | Method of authenticating user, server and mobile terminal performing the same |
US9532216B2 (en) | 2012-04-05 | 2016-12-27 | Lg Cns Co., Ltd. | Method of authenticating user, server and mobile terminal performing the same |
WO2020138822A1 (en) * | 2018-12-24 | 2020-07-02 | 삼성전자 주식회사 | Electronic device and key input method therefor |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7779062B2 (en) | System for preventing keystroke logging software from accessing or identifying keystrokes | |
US7996682B2 (en) | Secure prompting | |
Fernandes et al. | Android ui deception revisited: Attacks and defenses | |
US7263721B2 (en) | Password protection | |
CN101340281A (en) | Method and system for safe login input on network | |
CN101667232B (en) | Terminal credible security system and method based on credible computing | |
US9659173B2 (en) | Method for detecting a malware | |
Mohamed et al. | Smashed: Sniffing and manipulating android sensor data for offensive purposes | |
US20070209014A1 (en) | Method and apparatus for secure data input | |
WO2021046811A1 (en) | Attack behavior determination method and apparatus, and computer storage medium | |
EP3563548B1 (en) | Historic data breach detection | |
US8978150B1 (en) | Data recovery service with automated identification and response to compromised user credentials | |
CN113904820A (en) | Network intrusion prevention method, system, computer and readable storage medium | |
KR100571695B1 (en) | Hacking protect method of keyboard, mouse and image | |
Creutzburg | The strange world of keyloggers-an overview, Part I | |
KR20110049196A (en) | Hacking protection input system | |
Oh et al. | A protection technique for screen image-based authentication protocols utilizing the SetCursorPos function | |
CN112613000A (en) | Sensitive information protection method and device, electronic equipment and readable storage medium | |
Sapra et al. | Circumventing keyloggers and screendumps | |
CN1208728C (en) | Safety computer with information safety management unit | |
Moses et al. | Touch interface and keylogging malware | |
Lee et al. | Vulnerability analysis on the image‐based authentication: Through the WM_INPUT message | |
Nayak et al. | Robust virtual keyboard for online banking | |
KR100651611B1 (en) | Safe control method when detecting the access to storage media | |
Kong et al. | PtmxGuard: An improved method for android kernel to prevent privilege escalation attack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
N231 | Notification of change of applicant | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |