Device, method, and system of differentiating between virtual machine and non-virtualized device
First Claim
1. A method comprising:
- determining whether a user, who utilizes a computing device to interact with a computerized service, (A) is a user interacting with a non-virtualized computing device, or (B) is a Virtual Machine (VM) running on top of a Virtual Machine Monitor (VMM);
wherein the determining comprises;
monitoring response of the computing device to an interference that was introduced to a communication session between the computerized service and the computing device;
based on the monitored response, determining whether said user, who utilizes the computing device to interact with a computerized service, (A) is a user interacting with a non-virtualized computing device, or (B) is a Virtual Machine (VM) running on top of a Virtual Machine Monitor (VMM).
6 Assignments
0 Petitions
Accused Products
Abstract
Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. Communication interferences are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user device to such communication interferences. The system determines whether the user is a legitimate human user; or a cyber-attacker posing as a legitimate human user but actually utilizing a Virtual Machine.
-
Citations
21 Claims
-
1. A method comprising:
-
determining whether a user, who utilizes a computing device to interact with a computerized service, (A) is a user interacting with a non-virtualized computing device, or (B) is a Virtual Machine (VM) running on top of a Virtual Machine Monitor (VMM); wherein the determining comprises; monitoring response of the computing device to an interference that was introduced to a communication session between the computerized service and the computing device; based on the monitored response, determining whether said user, who utilizes the computing device to interact with a computerized service, (A) is a user interacting with a non-virtualized computing device, or (B) is a Virtual Machine (VM) running on top of a Virtual Machine Monitor (VMM). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification