Microsoft Windows™ computer operating systems are vulnerable to security breaches whenever the operating system prompts for keyboard input of a password. Security breaches are possible as the networking facilities of the Windows™ operating system, and networking facilities of most networking clients, typically use dialog boxes for entering passwords via a keyboard.
These dialog boxes are generated with the assistance of the Windows™ operating system and, when used, visually mask keyboard input that the user types to gain access to a server network or other protected medium. This masking mechanism provides immediate visual security, but does not address security risks within the operating system.
Keyboard keystrokes exposed to the operating system can be monitored by malicious or opportunistic software that observes system-wide keyboard entries and passes all keystrokes (that is, virtual keycode) to a dedicated “spy” process.
Such a spy process can determine a sequence of keystrokes entered at a given password prompt, and capture these keystrokes for subsequent unauthorized network logins. Captured keystrokes can also be transmitted to a remote location via the Internet or other network.
Coventionally, there are a variety of computer security systems as following.
Knowlson's U.S. Pat. No. 6,108,786 discloses a monitor network bindings, which detects when an unauthorized protocol has binding to an adapter, and an alert is generated when such a binding is detected.
Glover's U.S. Pat. No. 6,052,780 discloses accessing and restricting access to information, and notes that a file driver may hook into the operating system to monitor traffic and capture code.
Alsberg's U.S. Pat. No. 4,672,572 discloses a protector system for computer access and use, wherein communications are monitred via a security server.
Mattheis' U.S. Pat. No. 6,141,774 discloses a peripheral device with access control, which utilizes a watchdog timer to monitor malfunction.
Japanese Published Unexamined Patent Application No. 64-76397 discloses a peripheral device with access control, which monitors a cable connection, and erases a password if abnormality is detected.
Kikinis' U.S. Pat. Nos. 5,623,597 or 5,832,214 discloses a security for entered passwords, which is provided by diverting password keystrokes from a keyboard to a special boot controller, with bypassing the keyboard controller (a keyboard interpreter) to a computer bus.
Halstead's U.S. Pat. No. 5,896,497 discloses a system for securing a computer in which the system provides a hook key and mouse event in which the system detects mouse or keyboard operation.
He's U.S. Pat. No. 5,944,824 discloses a system and method for single sign-on to a plurality of network elements, which includes password protection to counter eavesdropping threats.
Drake's U.S. Pat. No. 6,006,328 discloses a computer software, authentication, protection and security system, which is concerned eavesdropping, such as the monitoring of keyboard.
The prior references, as recited above, do not recite the feature of protecting password entries from being monitored by malicious code, which monitors to detect malicious code such as that which would implement a keyboard hook in order to pass the entered keystrokes etc. to a “spy” process.