1. Field of the Invention
Embodiments of the present invention generally relate to data leakage prevention. In particular, embodiments of the invention relate to a method and apparatus for detecting an attempt to misappropriate an input focus from an application to prevent sensitive data leakage.
2. Description of the Related Art
Focus misappropriation (also known as “focus stealing”) is a common behavior performed by various software applications (e.g., AOL Instant Messenger) on a graphical user interface (e.g., a presentation window). “Input focus” indicates the component of the graphical user interface which is currently selected to receive input. Focus misappropriation occurs when an input focus is taken or changed from a first application to a second application without the user requesting such a change. The second application may take or change the input focus from the first application for a malicious and/or a benign purpose. For example, the first application may be a malicious software program that is configured to misappropriate sensitive data. As another example, the first application may be a browser application that changes the input focus whenever an advertisement is presented on a computer display. Regardless, focus misappropriation disrupts the productivity of a user by changing the presentation window currently receiving the input focus and, thus, altering the direction of user input.
Often, when presented with an incorrect presentation window, a user accidentally inputs data into the incorrect presentation window. Sometimes, the data entered in the incorrect presentation window comprises sensitive information such as passwords, social security numbers, bank accounts and the like. The input of sensitive data (e.g., passwords) into the incorrect presentation window presents a security risk for the user. For example, an Instant Message application changes the input focus when a new message arrives while the user is in the middle of accessing a bank account online. Consequently, the user accidentally types a password for the bank account into the instant message window instead of an online form for accessing the bank account. If the user does not catch such a mistake before the password is communicated, the bank account is at risk for theft.
Generally, controls (i.e., MICROSOFT WINDOWS controls) are visual representation components (i.e., software code) that are defined in a user interface implementation and generated (e.g., instantiated) by the operating system for interacting with the user. Such controls comprise information regarding a format and a layout of a graphical object presented on the computer display. For example, a control may define a visual style for an edit box that receives a password as input from the user. Currently, solutions for input focus stealing, such as MICROSOFT TWEAK UI (e.g., an application for adjusting the user interface without manually altering the registry), do not distinguish between controls used for receiving passwords (i.e., security risks) and the general behavior of presentation windows on a computer display. In other words, such solutions do not treat input focus stealing from the control used for receiving passwords as a security risk, but rather as a normal behavior that does not pose a threat to the user.
Therefore, there is a need in the art for a method and apparatus for restricting or preventing an input focus change on a computer display where a visual representation component that is currently in focus is used to receive sensitive data.
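The distinction drawn above, between an unrequested focus change away from a password control and any other focus change, can be modeled as a small policy check. This is an added illustration, not code from the patent: the event format, the 250 ms user-input window, the control kinds and the allow/log/block verdicts are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

USER_INPUT_WINDOW_MS = 250       # assumption: a requested switch follows user input this closely
SENSITIVE_KINDS = {"password"}   # control kinds treated as receiving sensitive data

@dataclass
class FocusMonitor:
    app: Optional[str] = None                     # application holding the input focus
    kind: Optional[str] = None                    # kind of control holding it
    last_user: Optional[Tuple[int, str]] = None   # (time_ms, app the user asked for)

    def user_switch(self, t_ms: int, target_app: str) -> None:
        """Record a click or keyboard switch aimed at target_app."""
        self.last_user = (t_ms, target_app)

    def focus_change(self, t_ms: int, new_app: str, new_kind: str) -> str:
        verdict = self._classify(t_ms, new_app)
        if verdict != "block":                    # a blocked change leaves the focus in place
            self.app, self.kind = new_app, new_kind
        return verdict

    def _classify(self, t_ms: int, new_app: str) -> str:
        if self.app is None or new_app == self.app:
            return "allow"                        # first focus, or a move inside one application
        if self.last_user is not None:
            t_user, target = self.last_user
            if target == new_app and 0 <= t_ms - t_user <= USER_INPUT_WINDOW_MS:
                return "allow"                    # the user requested this change
        # Unrequested change: a security event only if a sensitive control loses focus.
        return "block" if self.kind in SENSITIVE_KINDS else "log"

# Constructed event stream: ("user", t_ms, app) or ("focus", t_ms, app, control_kind)
EVENTS = [
    ("user", 0, "browser"),
    ("focus", 40, "browser", "edit"),        # user opens the bank login page
    ("focus", 900, "browser", "password"),   # moves to the password box, same application
    ("focus", 1500, "messenger", "edit"),    # new message arrives and takes the focus
    ("user", 4000, "messenger"),
    ("focus", 4100, "messenger", "edit"),    # user deliberately switches to the messenger
    ("focus", 9000, "browser", "edit"),      # unrequested, but no sensitive control involved
]

def replay(events):
    mon, verdicts = FocusMonitor(), []
    for ev in events:
        if ev[0] == "user":
            mon.user_switch(ev[1], ev[2])
        else:
            verdicts.append(mon.focus_change(ev[1], ev[2], ev[3]))
    return verdicts

if __name__ == "__main__":
    print(replay(EVENTS))
```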