Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2005-08-25
2009-08-18
Zand, Kambiz (Department: 2439)
Information security
Monitoring or scanning of software or data including attack...
C726S002000, C726S021000, C726S025000, C713S168000, C713S170000, C713S184000, C709S225000
Reexamination Certificate
active
07577994
ABSTRACT:
A mechanism for using a graphic password test while providing the ability for detecting attempts by programs to decipher the password for malicious attack is disclosed. An access module provides a prompt to an entity attempting to access a protected resource. An image-substitution module provides a first or second graphic image to the entity (images display a first and second password, respectively). A programmatic interface that provides access to an image displayed on a computer screen can be modified to periodically provide a second image to a computer program that is different from the first image displayed to a human user. A receiving module receives a password in response to the prompt and a determination module determines if the password is first or second password. When the second password is received, it is likely a malware attempt at bypassing the graphic password test. An analysis module responds e.g., by collecting information about the entity that attempted access.
REFERENCES:
patent: 6332192 (2001-12-01), Boroditsky et al.
patent: 7149899 (2006-12-01), Pinkas et al.
patent: 7200576 (2007-04-01), Steeves et al.
patent: 7219148 (2007-05-01), Rounthwaite et al.
patent: 7219368 (2007-05-01), Juels et al.
patent: 7383570 (2008-06-01), Pinkas et al.
patent: 2004/0059951 (2004-03-01), Pinkas et al.
patent: 2005/0193208 (2005-09-01), Charrette et al.
patent: 2005/0228770 (2005-10-01), Willamson et al.
patent: 2007/0250920 (2007-10-01), Lindsay
Li, Shujun, et al, ‘Secure Human-Computer Identification (Interface) Systems against Peeping Attacks: SecHCI’, Cryptology ePrint Archive, Report 2005/268, 2005, entire document, http://eprint.iacr.org/2005/268.pdf.
“Alchemedia Delivers Clever Content Online Image Protection to Macintosh Clients”, News Release, PR Newswire Europe Limited [online] Mar. 20, 2000 [Retrieved on Aug. 2, 2005] Retrieved from the Internet: <URL: http://www.prnewswire.dk/cgi
ews/release?id=18263>. 1 page.
Mori, Greg et al., “Breaking a Visual CAPTCHA”, UC Berkeley Computer Vision Group [online] Dec. 15, 2003 [Retrieved on Apr. 25, 2005] Retrieved from the Internet: <URL: http://www.cs.berkeley.edu/˜mori/gimpy/gimpy.html>. 4 pages.
“Telling Humans and Computers Apart (Automatically)”, The CAPTCHA Project, Carnegie Mellon University [online] [Retrieved on Apr. 25, 2005] Retrieved from the Internet: <URL: http://www.captcha.net/>. 2 pages.
McCorkendale Bruce
Sobel William E.
Baum Ronald
Fenwick & West LLP
Symantec Corporation
Zand Kambiz
LandOfFree
Detecting local graphic password deciphering attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detecting local graphic password deciphering attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting local graphic password deciphering attacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4058652