WO2010120157A3 - Method for providing computer security services using a hook, and apparatus and computer readable recording medium for same - Google Patents
Method for providing computer security services using a hook, and apparatus and computer readable recording medium for same Download PDFInfo
- Publication number
- WO2010120157A3 WO2010120157A3 PCT/KR2010/002421 KR2010002421W WO2010120157A3 WO 2010120157 A3 WO2010120157 A3 WO 2010120157A3 KR 2010002421 W KR2010002421 W KR 2010002421W WO 2010120157 A3 WO2010120157 A3 WO 2010120157A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- hook
- input message
- recording medium
- same
- readable recording
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- User Interface Of Digital Computer (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
Abstract
According to one embodiment of the present invention, the computer security service using a Hook determines the presence of a virtual input message flag in an input message or detects a hacking attempt using timing information at the kernel level, and comprises the steps of: monitoring an input message received from an operating system using a Hook; determining whether or not a virtual input message flag is included in the input message; and detecting a macro hack occurrence using the determined results.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2012505829A JP5580878B2 (en) | 2009-04-17 | 2010-04-19 | Method and apparatus for providing computer security service using hook, and computer-readable recording medium |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020090033432A KR101005593B1 (en) | 2009-04-17 | 2009-04-17 | Method and Apparatus for Providing Security Service Using Hook |
KR10-2009-0033432 | 2009-04-17 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2010120157A2 WO2010120157A2 (en) | 2010-10-21 |
WO2010120157A3 true WO2010120157A3 (en) | 2011-01-20 |
Family
ID=42983031
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2010/002421 WO2010120157A2 (en) | 2009-04-17 | 2010-04-19 | Method for providing computer security services using a hook, and apparatus and computer readable recording medium for same |
Country Status (3)
Country | Link |
---|---|
JP (1) | JP5580878B2 (en) |
KR (1) | KR101005593B1 (en) |
WO (1) | WO2010120157A2 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101434094B1 (en) * | 2013-03-18 | 2014-08-26 | 한양대학교 에리카산학협력단 | Blocking harmful application by intent monitoring in android platform |
KR101421633B1 (en) | 2013-04-02 | 2014-07-23 | 주식회사 잉카인터넷 | Speed Hack Detection System and Method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20040042731A (en) * | 2002-11-15 | 2004-05-20 | 엘지엔시스(주) | File and registry monitoring method for host system |
KR20050090541A (en) * | 2004-03-09 | 2005-09-14 | 주식회사 하우리 | Method for preventing key input from hacking, computer-readable storage medium recorded with program for preventing key input from hacking |
KR20060059757A (en) * | 2004-11-29 | 2006-06-02 | 주식회사 안철수연구소 | Preventing method of computer programmed automatic input |
KR20060059795A (en) * | 2004-11-29 | 2006-06-02 | 주식회사 안철수연구소 | Method of sensing time modification of internal time by a computer program |
KR20060093932A (en) * | 2005-02-23 | 2006-08-28 | 제이알소프트 주식회사 | Method that can secure keyboard key stroke using secure input filter driver and keyboard secure input bho of internet explorer in windows operating system |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4439711B2 (en) | 2000-10-19 | 2010-03-24 | Necエレクトロニクス株式会社 | Data processing apparatus and system |
KR100483700B1 (en) * | 2003-12-03 | 2005-04-19 | 주식회사 잉카인터넷 | Method to cut off an illegal process access and manipulation for the security of online game client by real-time |
WO2007037640A1 (en) * | 2005-09-28 | 2007-04-05 | Ahn Lab, Inc. | Method for detecting modification of internal time in computer system |
-
2009
- 2009-04-17 KR KR1020090033432A patent/KR101005593B1/en active IP Right Grant
-
2010
- 2010-04-19 WO PCT/KR2010/002421 patent/WO2010120157A2/en active Application Filing
- 2010-04-19 JP JP2012505829A patent/JP5580878B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20040042731A (en) * | 2002-11-15 | 2004-05-20 | 엘지엔시스(주) | File and registry monitoring method for host system |
KR20050090541A (en) * | 2004-03-09 | 2005-09-14 | 주식회사 하우리 | Method for preventing key input from hacking, computer-readable storage medium recorded with program for preventing key input from hacking |
KR20060059757A (en) * | 2004-11-29 | 2006-06-02 | 주식회사 안철수연구소 | Preventing method of computer programmed automatic input |
KR20060059795A (en) * | 2004-11-29 | 2006-06-02 | 주식회사 안철수연구소 | Method of sensing time modification of internal time by a computer program |
KR20060093932A (en) * | 2005-02-23 | 2006-08-28 | 제이알소프트 주식회사 | Method that can secure keyboard key stroke using secure input filter driver and keyboard secure input bho of internet explorer in windows operating system |
Also Published As
Publication number | Publication date |
---|---|
KR101005593B1 (en) | 2011-01-05 |
JP5580878B2 (en) | 2014-08-27 |
WO2010120157A2 (en) | 2010-10-21 |
JP2012524325A (en) | 2012-10-11 |
KR20100114969A (en) | 2010-10-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2012058487A3 (en) | Data loss monitoring of partial data streams | |
WO2012154664A3 (en) | Methods, systems, and computer readable media for detecting injected machine code | |
WO2006091944A3 (en) | Location-based enhancements for wireless intrusion detection | |
WO2010147837A3 (en) | Enhanced presence detection for routing decisions | |
WO2010150008A3 (en) | Method and system for provision of cryptographic services | |
WO2010105099A3 (en) | Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions | |
WO2010144796A3 (en) | Integrated cyber network security system and method | |
IL197477A0 (en) | System and method for detecting new malicious executables, based on discovering and monitoring of characteristic system call sequences | |
WO2010082763A3 (en) | Apparatus and method for handover in mobile communication system | |
WO2011100630A3 (en) | Methods, systems, and computer readable media for diameter application loop prevention | |
PH12015500919B1 (en) | Method and apparatus for encoding video by using block merging, and method and apparatus for decoding video by using block merging | |
WO2007007326A3 (en) | System and method for detection and recovery of malfunction in mobile devices | |
GB2508540A (en) | Malware scanning | |
TW200612278A (en) | Methods, computer program products and data structures for intrusion detection, interusion response and vulnerability remediation across target computer systems | |
MY151479A (en) | Method and apparatus for detecting shellcode insertion | |
WO2011152687A3 (en) | Method for allowing one device to detect another device | |
CA2816970A1 (en) | Using power fingerprinting (pfp) to monitor the integrity and enhance security of computer based systems | |
WO2007082204A3 (en) | Asset performance optimization | |
WO2011112702A3 (en) | Apparatus, system and method for detecting the presence of genuine serviceable product components | |
WO2007148314A3 (en) | Secure domain information protection apparatus and methods | |
SI1872583T1 (en) | Method of video processing, computer readable medium containing instructions implementing said method and video processing system. | |
ATE466472T1 (en) | METHOD AND SYSTEM FOR DESYNCHRONIZATION INTERRUPTED RECEIPT DETECTION AND RESTORATION | |
WO2004095281A3 (en) | System and method for network quality of service protection on security breach detection | |
WO2010105043A3 (en) | Methods, systems, and computer readable media for short message service (sms) forwarding | |
WO2012021806A3 (en) | Multi-process communication regarding gaming information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 10764696 Country of ref document: EP Kind code of ref document: A2 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2012505829 Country of ref document: JP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 10764696 Country of ref document: EP Kind code of ref document: A2 |