Method and system that can secure keyboard key stroke using secure input filter driver and keyboard secure input BHO of Internet Explorer in windows operating system
暂无分享,去创建一个
The present invention relates to a method of security of the security system for preventing a user's keyboard input information hacking in a computer information security, and more particularly, and at the same time the filter driver and the interrupt install the security input filter driver in the kernel mode (Ring 0) check the service routine by getting to fundamentally protect the input from hacking your keyboard to enter the information in kernel mode, the keyboard input information, Internet Explorer; by direct transfer to the (Internet Explorer IE) keyboard input security BHO is installed on the inside, you in the mode (Ring 3) and kernel mode (Ring 0) it relates to a method capable of fundamentally preventing keystroke hacking. In the Windows operating system security input filter driver with Internet Explorer Internet Explorer user-resistant keyboard input information hacking way through to climb inside the keyboard security input BHI according to the present invention, checking the keyboard, type the security BHO whether the focus (Focus) to the IE textbox and the step of; If the above steps do not focus on checking the focus on the IE text box, comprising a keyboard input security BHO stop the security operation of the security input filter driver and; If the focus with the focus on the inspection stage IE text box, comprising a keyboard input security BHO determine whether API hooks for (Application Programming Interface) DeviceIoControl API and; If it is determined that the API hook if present in the determination step, the API hook, comprising: a keyboard input security BHO transmits the API hook information to the management server; If it is determined in the determination step whether or not the API hook that does not exist, the API hook, further comprising: notice that the keyboard input security BHO to protect keyboard input information to the security input filter driver and; Comprising: a security input filter driver transmits the keyboard input information protection notify the received keyboard input keyboard input value is received from the keyboard driver to start the security operation from the keyboard input security BHO according to directly; Determining whether the keyboard to enter the security BHO interference classed for the IE textbox and present; If it is determined that there is interference classed in judging whether the interference classed exist, comprising a keyboard input security BHO sends a frightening classed information about the IE text box on the management server; If it is determined that the interference is not classed presence in judging whether the interference classed exist, comprising a keyboard input security BHO transmitting the received keyboard input by calling the window procedure of the text box and IE; The management server determining whether to search the hacking of internal DB based on the transmitted information from the keyboard input, and security BHO; It characterized in that the input keyboard security BHO that receives the determination result whether hacking from the management server, comprises a hack processing deletion step of deleting the processing corresponding to hacking according to the determination result. Keyboard, security, hacking, keystrokes, filter drivers, browser help objects (BHO), an interrupt service routine (ISR)