APPARATUS, SYSTEM, AND METHOD FOR PROTECTING AGAINST KEYLOGGING MALWARE
First Claim
1. A method for preventing software key logging executable by a microprocessor, comprising:
- detecting a browser form submission initiation call event associated with data inputs entered by a user, wherein the form submission initiation call event is an OnSubmit call event or a BeforeNavigate call event;
submitting the data inputs to a designated entity; and
clearing confidential data from the data inputs, thereby protecting against the threat of key logging malware capturing the confidential data.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus, system, and method is disclosed for protecting against key logger malware. The protection includes protection form grabbing keylogger malware. In response to detecting a form submission event from a browser associated with a user entering data into a form, confidential data is cleared to prevent it being captured by malware. Additional protection of data inputs, entered at a driver level, may be provided as an additional level of protection against hook based malware operating at a virtual keyboard level or operating system level. Data inputs received at a physical driver level may be protected as they pass through a virtual keyboard level and an operating system level. The projection against malware may be provided as a preventive measure that does not require detection of the key logger malware itself.
7 Citations
29 Claims
-
1. A method for preventing software key logging executable by a microprocessor, comprising:
-
detecting a browser form submission initiation call event associated with data inputs entered by a user, wherein the form submission initiation call event is an OnSubmit call event or a BeforeNavigate call event; submitting the data inputs to a designated entity; and clearing confidential data from the data inputs, thereby protecting against the threat of key logging malware capturing the confidential data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer program product to prevent software key logging including computer program code embedded in a non-transitory microprocessor-readable storage medium executable by a microprocessor, which when executed on the microprocessor, implements a method, comprising:
-
detecting a browser form submission initiation call event associated with data inputs entered by a user, wherein the form submission initiation call event is an OnSubmit call event or a BeforeNavigate call event; submitting the data inputs to a designated entity; and clearing confidential data from the data inputs, thereby protecting against the threat of key logging malware capturing the confidential data. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method for preventing software key logging executable by a microprocessor, comprising:
-
detecting a browser form submission initiation call event associated with data inputs entered by a user in a user input area of a web page, wherein the form submission initiation call event is an OnSubmit call event or a BeforeNavigate call event; submitting the confidential data to a designated entity; identifying form input fields on the web page having confidential data; clearing the confidential data to prevent capture of the confidential data by key logging malware; and wherein the clearing of the confidential data is performed regardless of whether keylogging malware is present. - View Dependent Claims (23, 24, 25)
-
-
26. A computer program product to prevent software key logging including computer program code embedded in a non-transitory microprocessor-readable storage medium executable by a microprocessor, which when executed on the microprocessor, implements a method, comprising:
-
detecting a browser form submission initiation call event associated with data inputs entered by a user in a user input area of a web page, wherein the form submission initiation call event is an OnSubmit call event or a BeforeNavigate call event; submitting the confidential data to a designated entity; identifying form input fields on the web page having confidential data; clearing the confidential data to prevent capture of the confidential data by key logging malware; and wherein the clearing of the confidential data is performed regardless of whether keylogging malware is present. - View Dependent Claims (27, 28, 29)
-
Specification