Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Virtual-machine-technology-based data security input and submission method and system

A technology of technical security and safe input, which is applied in the field of enhancing the security of network identity authentication by inputting account passwords on computers, and can solve problems such as doubts about the security of online transaction behaviors, lack of universal adoption, and excessive filtering of firewall feature codes, etc., to solve network problems. The effect of the game account being stolen

Inactive Publication Date: 2011-09-21
BEIJING SOFTLUMOS TECH
View PDF6 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] 3. Memory scanning and interception: After the hacking Trojan horse virus runs, it detects the process of all programs in the system through Hook technology, and monitors the calls of related APIs. The hacking Trojan horse hacking software can intercept specific handles, windows or keywords For events such as disk, mouse, copy, and paste in Windows, or directly read the unencrypted account password of the process, or intercept other API function call events, this Trojan horse has a strong concealment, and currently there is no such Trojan in Windows very effective means of prevention
[0010] 4. Phishing: Phishing attacks, malicious websites disguised as homepages of well-known companies, using domain name similarity and address spoofing loopholes in IE browsers, tricking netizens into entering account numbers and passwords, and planting Trojan horse viruses through malicious scripts to lure more Users visit the website to cause infection, and cyber crooks use these fake websites to steal account numbers and passwords of login users, causing huge losses to relevant departments and industries, making people question the safety of online transactions, and seriously hindering The development of e-commerce industry
[0012] 1. Anti-virus software: For known harmful account-stealing programs such as Trojan horse viruses, anti-virus software uses virus signature filtering and other technologies, including special Trojan horse killing software, which are similar in design principles and technical ideas. For new account-stealing Trojan horses For software malicious programs, the success rate of antivirus software is about 20%. At present, antivirus software companies are also exploring new technologies and methods, but they have not made substantial breakthroughs; in fact, publishers of account hacking Trojan horses usually use mainstream Anti-virus software and Trojan horse anti-virus software to scan, confirm that these Trojan horse anti-virus software cannot be recognized before publishing
[0013] 2. Firewall: Adopt application program + port detection and control technologies. Some firewalls have feature code filtering technology. For example, sensitive characters set for account passwords are prohibited from being sent and transmitted. Use normal ports such as 80 to send, or directly use IE to send, the firewall is powerless;
[0014] 3. Dynamic password card: Different passwords are used for each transaction, and Trojan horses can not continue to use the password after successfully stealing the password. However, the issuance cost and cost of dynamic password cards are high, and they are currently only used in some bank websites;
[0015] 4. Telephone and SMS authentication, this method is expensive and not widely used;
[0016] 5. USB-Key certificate, hardware secret treasure, this method is relatively safe and highly targeted, and is limited to the service provider's own website or game
And this new architecture cannot be the way of hardware+Windows+Windows software. As we all know, in the Windows architecture, Windows is the direct controller of the hardware, and Windows has opened up the development interface of the kernel-level driver, so that third parties can build on Windows. If the task of this driver is to steal keys and certificates, theoretically we cannot use another software to completely prevent it in Windows

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtual-machine-technology-based data security input and submission method and system
  • Virtual-machine-technology-based data security input and submission method and system
  • Virtual-machine-technology-based data security input and submission method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] To facilitate an understanding of the principles and features of the present invention, the following description refers to the implementation of an exemplary embodiment. Specifically, the present invention is described for using Windows 2000 and above operating systems as user operating systems, and using a computer configured with a CPU supporting Intel VT technology as a device scenario. In addition, the present invention is described for online game login of.

[0037] It should be understood, however, that this is not the only embodiment in which the invention may be practiced. On the contrary, the present invention can be applied to various different operating systems, such as Linux operating system; can be applied to different hardware environments, such as disposing the computer that AMD supports hardware-assisted virtualization CPU; Scenarios that use account passwords to log in, such as website forum logins, instant messaging software logins, stock software lo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a virtual-machine-technology-based data security input and submission method and a virtual-machine-technology-based data security input and submission system. The system isolates a user input management programs and a user operating system into different hardware resource spaces by a virtual machine monitor (VMM), so that a user can securely input and submit data to a server in an environment inaccessible for Trojans without worrying that the data may be intercepted by the Trojans, and even though being intercepted, the intercepted data is encrypted. In other words, by the method and the system, a universal software solution is provided for the prevention of number stealing of the Trojans.

Description

technical field [0001] The present invention generally relates to methods of securely entering and submitting data in network transactions. More specifically, the present invention relates to a method and a system for enhancing the security of network identity authentication by inputting an account password on a computer. Background technique [0002] With the popularization of Internet applications, virtualization of real life is the main feature and trend at present. The protection of information security, personal privacy, and virtual property is particularly important. The most common protection method is passwords, but passwords provide us with the necessary security. At the same time, it also brings a lot of trouble. If the password is stolen, our important information and personal privacy may be leaked, and virtual property, business secrets, and deposit funds may be stolen. [0003] At present, the theft of network passwords is becoming more and more serious. Accord...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 何安洪张勇
Owner BEIJING SOFTLUMOS TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products