Detecting local graphic password deciphering attacks
Abstract
A mechanism for using a graphic password test while providing the ability to detect attempts by programs to decipher the password for malicious attack is disclosed. An access module provides a prompt to an entity attempting to access a protected resource. An image-substitution module provides a first or second graphic image to the entity (the images display a first and a second password, respectively). A programmatic interface that provides access to an image displayed on a computer screen can be modified to periodically provide a second image to a computer program that is different from the first image displayed to a human user. A receiving module receives a password in response to the prompt, and a determination module determines whether the password is the first or the second password. When the second password is received, it is likely a malware attempt at bypassing the graphic password test. An analysis module responds, e.g., by collecting information about the entity that attempted access.
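The flow in the abstract, as an added Python example (not code from the patent). Images are modelled as the text they display; the function names, character set, case-insensitive comparison and entity fields are assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass

ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # assumed character set

@dataclass(frozen=True)
class Challenge:
    first_password: str   # shown on screen in the first graphic image
    second_password: str  # shown only in the substituted (second) image

def new_challenge(length: int = 6) -> Challenge:
    """Access module: create the two passwords; they must differ."""
    def draw() -> str:
        return "".join(secrets.choice(ALPHABET) for _ in range(length))
    first, second = draw(), draw()
    while second == first:
        second = draw()
    return Challenge(first, second)

def displayed_text(ch: Challenge, via_image_interface: bool) -> str:
    """Image-substitution module, modelled as text: a caller that reads the
    image through the modified interface gets the second image instead."""
    return ch.second_password if via_image_interface else ch.first_password

def determine(ch: Challenge, received: str) -> str:
    """Determination module: classify the received password."""
    got = received.strip().upper().encode()  # assumption: case-insensitive entry
    if hmac.compare_digest(got, ch.first_password.encode()):
        return "first"
    if hmac.compare_digest(got, ch.second_password.encode()):
        return "second"
    return "neither"

def respond(ch: Challenge, received: str, entity: dict) -> dict:
    """Analysis module: grant, deny, or flag and record the entity."""
    verdict = determine(ch, received)
    result = {"verdict": verdict, "access": verdict == "first", "alert": None}
    if verdict == "second":
        # Only a reader of the substituted image can know this value.
        result["alert"] = {"reason": "second password received", **entity}
    return result

if __name__ == "__main__":
    ch = new_challenge()
    entity = {"pid": 4242, "image": "sample.exe"}  # constructed sample data
    print(respond(ch, displayed_text(ch, False), entity))  # human path
    print(respond(ch, displayed_text(ch, True), entity))   # program path
```

A wrong guess and a second-password entry both deny access, but only the latter raises an alert, because that value is never shown on screen.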
20 Claims
1. A computer program product having a computer-readable medium having computer program instructions recorded thereon for detecting a password deciphering attack, the computer program instructions comprising instructions for:
- providing a prompt to an entity attempting to access a protected resource, wherein the prompt is for providing access to the protected resource upon receiving entry of a first password contained in a first graphic image;
- providing a graphic image to the entity attempting to respond to the prompt, wherein the graphic image comprises a second graphic image that displays a second password, the graphic image provided by modifying an interface through which graphic images are accessed to replace the first graphic image with the second graphic image for display to the entity;
- receiving a password in response to the prompt;
- determining whether the password received comprises the first password or the second password; and
- responding based on the results of the determination.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-implemented method of detecting a password deciphering attack, the method comprising:
- providing a prompt to an entity attempting to access a protected resource, wherein the prompt is for providing access to the protected resource upon receiving entry of a first password contained in a first graphic image;
- providing a graphic image to the entity attempting to respond to the prompt, wherein the graphic image comprises a second graphic image that displays a second password, the graphic image provided by modifying an interface through which graphic images are accessed to replace the first graphic image with the second graphic image for display to the entity;
- receiving a password in response to the prompt;
- determining whether the password received comprises the first password or the second password; and
- responding based on the results of the determination.

Dependent claims: 9, 10, 11, 12, 13
14. A computer system for detecting a password deciphering attack, the system comprising:
- a computer-readable storage medium storing executable software modules comprising;
  - an access module for providing a prompt to an entity attempting to access a protected resource, wherein the prompt is for providing access to the protected resource upon receiving entry of a first password contained in a first graphic image;
  - an image-substitution module for providing a graphic image to the entity attempting to respond to the prompt, wherein the graphic image comprises a second graphic image that displays a second password, the graphic image provided by modifying an interface through which graphic images are accessed to replace the first graphic image with the second graphic image for display to the entity;
  - a receiving module for receiving a password in response to the prompt;
  - a determination module for determining whether the password received comprises the first password or the second password;
  - an analysis module for responding based on the results of the determination; and
- a processor configured to execute the software modules stored by the computer readable storage medium.

Dependent claims: 15, 16, 17, 18
19. A computer system for detecting a password deciphering attack, the system comprising:
- a computer-readable storage medium storing executable computer instructions, the computer instructions comprising;
  - a means for providing a prompt to an entity attempting to access a protected resource, wherein the prompt is for providing access to the protected resource upon receiving entry of a first password displayed in a first graphic image;
  - a means for providing a graphic image to the entity attempting to respond to the prompt, wherein the graphic image comprises a second graphic image that displays a second password, the graphic image provided by modifying an interface through which graphic images are accessed to replace the first graphic image with the second graphic image for display to the entity;
  - a means for receiving a password in response to the prompt;
  - a means for determining whether the password received comprises the first password or the second password;
  - a means for responding based on the results of the determination; and
- a processor configured to execute the computer program instructions stored by the computer readable storage medium.

Dependent claims: 20
Specification