Patent Issued for Keylogger detection systems and methods (USPTO 11531786): United Services Automobile Association
2023 JAN 11 (NewsRx) -- By a
The patent’s assignee for patent number 11531786 is
News editors obtained the following quote from the background information supplied by the inventors: “The present disclosure generally relates to computing device monitoring, and more particularly, security systems designed to monitor for unauthorized data sharing.
“Computing devices increasingly are connected to other devices, such as other computing devices, memories, servers, or the like, through wireless and/or wired communication networks. As popularity of computing devices has grown to become indispensable, an amount of sensitive data shared through the communication networks has increased. When an unauthorized entity accesses the sensitive data, a security breach may occur and result in a “data leak,” or a release of sensitive data as part of an unauthorized access of the sensitive data. Sensitive data may include social security numbers, personal identification numbers, financial information, credit or debit card information, banking information, login credentials for website portals, or the like. Different techniques may be used by an unauthorized party to access the sensitive data stored and/or transmitted by a computing device, such as key logging techniques, phishing methods, viruses, or the like. For example, key logging techniques may retrieve sensitive data through user inputs via an input device, such as a keyboard, of a computing device and keyloggers remain troublesome to detect when monitoring the computing device.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “Certain embodiments commensurate in scope with the originally claimed subject matter are summarized below. These embodiments are not intended to limit the scope of the claims, but rather these embodiments are intended only to provide a brief summary of possible forms of the invention. Indeed, the present disclosure may encompass a variety of forms that may be similar to or different from the embodiments set forth below.
“In an embodiment, a system may include an input device and a computing device including a keylogger detection system. The keylogger detection system may perform operations including detecting a keylogger based at least in part on an increase in power drawn by the input device, detecting the keylogger based at least in part on a driver of the input device, detecting the keylogger based at least in part on a duration of time that a signal generated by the input device takes to transmit to the computing device, or any combination thereof. In response to detecting the keylogger, the keylogger detection system may generate an alert that includes a notification associated with the detection of the keylogger.
“In another embodiment, a method may include detecting a keylogger based at least in part on an increase in power drawn by an input device, detecting the keylogger based at least in part on a driver of the input device, detecting the keylogger based at least in part on a duration of time that a signal generated by the input device takes to transmit to a computing device, or any combination thereof. The method may also include, in response to detecting the keylogger, generating an alert to indicate a presence of the keylogger.
“In yet another embodiment, a tangible, non-transitory computer-readable medium that stores instructions executable by a processor of an electronic device that, when executed by the processor, cause a computing device to perform operations including detecting a keylogger based at least in part on an increase in power drawn by an input device, detecting the keylogger based at least in part on a driver of the input device, detecting the keylogger based at least in part on a duration of time that a signal generated by the input device takes to transmit to the computing device, or any combination thereof. The operations may also include generating an alert including a notification associated with the detection of the keylogger in response to detecting the keylogger.”
The claims supplied by the inventors are:
“1. A system, comprising: an input device; a microphone configured to detect a sound associated with a key press; and a computing device comprising a keylogger detection system, wherein the keylogger detection system comprises a processor configured to perform operations comprising recording a first time that the microphone detects the sound associated with the key press; identifying a second time that a signal generated by the input device, in response to the key press, is received by the computing device; identifying a duration of time between the first time and the second time as a transmission time of the key press; detecting a keylogger based at least in part on: an increase in the transmission time of the key press in comparison to a historical trend of transmission times that it has taken signals generated by the input device to transmit to the computing device, and the duration of time that the signal generated by the input device takes to transmit to the computing device by: receiving the signal generated by the input device at a current time and a time of input into the input device from the input device; determining the duration of time based at least in part on a difference between the time of input and the current time; accessing historical transmission times associated with previous signals received from the input device; and detecting the keylogger based at least in part on determining that the duration of time is a threshold amount longer than one or more historical transmission times; and in response to detecting the keylogger, generating an alert comprising a notification associated with the detection of the keylogger.
“2. The system of claim 1, wherein the processor is configured to perform the operations comprising detecting the keylogger based at least in part on the increase in power drawn by the input device by: sensing a first amount of power drawn in conjunction with the input device; sensing a second amount of power drawn in conjunction with the input device; determining that the second amount of power is a threshold amount greater than the first amount of power; and detecting the keylogger based at least in part upon the second amount of power being a threshold amount greater than the first amount of power.
“3. The system of claim 2, wherein the first amount of power is sensed at a supply terminal coupling the input device to the computing device.
“4. The system of claim 1, wherein the processor is configured to perform the operations comprising detecting the keylogger based at least in part on a driver received from the input device by: receiving a driver parameter of the driver; accessing an expected driver parameter; determining that the driver parameter is different from the expected driver parameter; and detecting the keylogger based at least in part upon determining that the driver parameter is different from the expected driver parameter.
“5. The system of claim 4, wherein the processor is configured to perform the operations comprising: determining the expected driver parameter based at least in part on historical driver information corresponding to the input device.
“6. The system of claim 4, wherein the processor is configured to perform the operations comprising: determining a likelihood that the driver corresponds to the keylogger; comparing the driver parameter to a list of parameters determined at an earlier time to correspond to the keylogger; and increasing the likelihood in response to determining that the list of parameters comprises the driver parameter.
“7. The system of claim 1, wherein the processor is configured to perform the operations comprising receiving the signal generated by the input device at the current time and the time of input into the input device from the input device comprises: listening for an audible key press into the input device; and recording a time associated with the audible key press as the time of input into the input device, wherein the audible key press is transmitted from the input device, and wherein the signal comprises an indication resulting from the audible key press into the input device.
“8. A method for operating a keylogger detection system of a computing device, comprising: detecting, via a microphone, a sound associated with a key press; recording a first time the microphone detects the sound associated with the key press; identifying a second time that a signal is generated by an input device in response to the key press is received by the computing device; identifying a duration of time between the first time and the second time as a transmission time of the key press; detecting a keylogger based at least in part on: an increase in the transmission time of the key press in comparison to a historical trend of transmission times that it has taken signals generated by the input device to transmit to the computing device, and the duration of time that the signal generated by the input device takes to transmit to the computing device by: receiving the signal generated by the input device at a current time and a time of input into the input device from the input device; determining the duration of time based at least in part on a difference between the time of input and the current time; accessing historical transmission times associated with previous signals received from the input device; and detecting the keylogger based at least in part on determining that the duration of time is a threshold amount longer than one or more historical transmission times; and in response to detecting the keylogger, generating an alert comprising a notification associated with the detection of the keylogger.
“9. The method of claim 8, wherein detecting the keylogger based at least in part on the increase in power drawn by the input device comprises: sensing a first amount of power at a terminal coupling the computing device to the input device, wherein the first amount of power is drawn in conjunction with the input device; sensing a second amount of power at the terminal drawn in conjunction with the input device; determining that the second amount of power is a threshold amount greater than the first amount of power; and detecting the keylogger based at least in part upon the second amount of power being a threshold amount greater than the first amount of power.
“10. The method of claim 8, wherein detecting the keylogger based at least in part on a driver of the input device comprises: receiving a driver parameter of the driver; accessing an expected driver parameter; determining that the driver parameter is different from the expected driver parameter; and detecting the keylogger based at least in part upon determining that the driver parameter is different from the expected driver parameter.
“11. The method of claim 10, comprising: determining a likelihood that the driver corresponds to the keylogger; comparing the driver parameter to a list of parameters determined at an earlier time to correspond to the keylogger; and increasing the likelihood in response to determining that the list of parameters comprises the driver parameter.
“12. A tangible, non-transitory computer-readable medium configured to store instructions executable by a processor of an electronic device that, when executed by the processor, cause a computing device to perform operations comprising: recording a first time a microphone detects a sound associated with a key press; identifying a second time a signal is generated by an input device in response to the key press is received by the computing device; identifying a duration of time between the first time and the second time as a transmission time of the key press; detecting a keylogger based at least in part on: an increase in the transmission time of the key press in comparison to a historical trend of transmission times that it has taken signals generated by the input device to transmit to the computing device, and the duration of time that the signal generated by the input device takes to transmit to the computing device by: receiving the signal generated by the input device at a current time and a time of input into the input device from the input device; determining the duration of time based at least in part on a difference between the time of input and the current time; accessing historical transmission times associated with previous signals received from the input device; and detecting the keylogger based at least in part on determining that the duration of time is a threshold amount longer than one or more historical transmission times; and in response to detecting the keylogger, generating an alert comprising a notification associated with the detection of the keylogger.
“13. The non-transitory computer-readable medium of claim 12, the operations comprising: sensing the increase in power drawn in conjunction with the input device; generating a first likelihood in response to sensing the increase in power drawn in conjunction with the input device; determining that one or more properties of a driver changed from one or more previous driver properties; and increasing a value of the first likelihood to a second likelihood in response to determining that a threshold amount of the one or more properties of the driver changed.”
There are additional claims. Please visit full patent to read further.
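The three signals named in the claims (key-press transmission time compared with historical times, power drawn by the input device, and driver parameters compared with expected ones) can be sketched as one scoring routine. This is an added example, not code from the patent or its assignee; the thresholds, weights, use of the median, units and all names are assumptions, since the claims only say "a threshold amount".

```python
from dataclasses import dataclass, field
from statistics import median

# Assumed values: the claims only say "a threshold amount".
LATENCY_MARGIN_MS = 5.0
POWER_MARGIN_MW = 20.0
ALERT_AT = 0.5

@dataclass
class Baseline:
    latencies_ms: list   # historical transmission times for this input device
    power_mw: float      # earlier ("first") power reading at the supply terminal
    driver: dict         # expected driver parameters
    known_bad: set = field(default_factory=set)  # (param, value) pairs tied to keyloggers

def latency_flag(b, sound_ms, signal_ms):
    """Claim 1: time from mic-detected key sound to signal arrival vs. history."""
    return (signal_ms - sound_ms) > median(b.latencies_ms) + LATENCY_MARGIN_MS

def power_flag(b, power_mw):
    """Claim 2: second reading a threshold amount above the first."""
    return power_mw > b.power_mw + POWER_MARGIN_MW

def driver_score(b, driver):
    """Claims 4 and 6: parameter mismatch, scored higher if on the known-bad list."""
    keys = b.driver.keys() | driver.keys()  # also catches removed parameters
    changed = {(k, driver.get(k)) for k in keys if driver.get(k) != b.driver.get(k)}
    if not changed:
        return 0.0
    return 0.6 if changed & b.known_bad else 0.3

def assess(b, sound_ms, signal_ms, power_mw, driver):
    """Combine the signals into a likelihood (assumed weights) and an alert flag."""
    checks = [
        ("latency", 0.4 if latency_flag(b, sound_ms, signal_ms) else 0.0),
        ("power", 0.3 if power_flag(b, power_mw) else 0.0),
        ("driver", driver_score(b, driver)),
    ]
    reasons = [name for name, weight in checks if weight > 0]
    likelihood = round(min(sum(weight for _, weight in checks), 1.0), 2)
    return {"likelihood": likelihood, "alert": likelihood >= ALERT_AT, "reasons": reasons}

# Constructed sample baseline (not measured data).
BASELINE = Baseline([8.0, 9.0, 10.0, 9.0, 8.0], 100.0,
                    {"vendor": "ExampleKB", "version": "1.2"},
                    {("version", "0.0-unsigned")})
```

With these assumed weights a single weak signal stays below the alert level, while two signals together, or a driver parameter on the known-bad list, cross it.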
For additional information on this patent, see: