Method to obfuscate keyboard keys against interception

Inventors

Tas, Egemen; Zhang, Haibo

Assignees

Deloitte Development LLC

Publication Number

US-12032726-B1

Publication Date

2024-07-09

Expiration Date

2042-05-17


Abstract

Systems and methods for obfuscating keyboard keys against interception are provided. In an example, a protected application is dynamically virtualized in user space, wherein the virtualization comprises an isolated keyboard path. Keystrokes are injected to the isolated keyboard path, wherein the injected keystrokes are associated with a respective timestamp, and user input keystrokes are obfuscated with the injected keystrokes and the obfuscated keystrokes are passed to a low level hook. The obfuscated keystrokes passed to the low level hook are separated according to tags associated with the obfuscated keystrokes to obtain the user input keystrokes. The user input keystrokes are transmitted to a target window of the protected application.

Core Innovation

The invention provides systems and methods for obfuscating keyboard keys against interception, targeting protection against keyloggers and malicious software that attempt to intercept and extract sensitive information input via keyboards. A protected application is dynamically virtualized in user space using micro-containers, enabling an isolated keyboard path without requiring privileged access to the operating system or hardware. Within this isolated environment, keystrokes are injected alongside user input keystrokes, and all keystrokes are obfuscated before being passed to a low level hook.

The problem addressed by the invention is that traditional anti-keylogging techniques often require administrative or kernel-level privileges, which may not be possible or desirable due to system restrictions and user experience concerns. Furthermore, traditional approaches risk disrupting the user experience or rely on on-screen keyboards and privileged drivers, which can be impractical or insufficient against sophisticated malicious processes.

The core of the invention is a process in which injected keystrokes, each tagged and timestamped, are mixed with actual user keystrokes within an isolated user space environment. The mixed (obfuscated) keystrokes are sent to a low level hook, so that a keylogger cannot distinguish the genuine keystrokes from the injected ones. At the low level hook, tags and timestamps are used to separate the genuine user keystrokes from the injected ones, ensuring only authentic user input is transmitted to the protected application's target window. This mechanism allows for protection against keylogging without altering the user's experience or requiring privileged drivers.

Claims Coverage

The patent includes three independent claim categories covering a system, a method, and a non-transitory storage medium, each centered on keyboard input obfuscation for protected applications.

Dynamic virtualization of a protected application in user space with isolated keyboard path

The system, method, and storage medium claims require that a protected application is dynamically virtualized in user space, where the virtualization specifically comprises an isolated keyboard path. This virtualization can be achieved without privileged kernel drivers and may utilize micro-containers, as specified in the dependent claims.

Injection of timestamped keystrokes to the isolated keyboard path

Injected keystrokes are introduced into the isolated keyboard path, and each injected keystroke is associated with a respective timestamp. This enables tracking and later separation of keystroke origins.

Obfuscation and tagging of user input keystrokes with injected keystrokes before passing to low level hook

User input keystrokes are obfuscated together with the injected (non-user) keystrokes. The resultant obfuscated sequence is passed to a low level hook, with each keystroke associated with a tag (random attribute not used by the OS).

Separation of obfuscated keystrokes using tags to extract user input keystrokes

At the low level hook, the obfuscated keystrokes are separated according to the tags associated with each, allowing extraction of only the genuine user input keystrokes from the mixed sequence.

Transmission of user input keystrokes to a target window of the protected application

After separation, the authentic user keystrokes are transmitted to the target window of the protected application, ensuring that only legitimate input is processed and displayed.

The claims collectively cover systems, methods, and software storing instructions for isolating and obfuscating keyboard input in user space, injecting and tagging keystrokes, and ensuring secure separation and delivery of authentic user keystrokes to protected applications without requiring privileged drivers.
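The inject, mix and separate flow described under Core Innovation and in the claim elements above can be modelled in a few lines. This is an added illustration, not code from the patent or its assignee; the `KeyEvent` and `IsolatedKeyboardPath` names, the 64-bit random tags and the registry of injected tags are assumptions made for the sketch.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class KeyEvent:
    key: str
    timestamp_ns: int  # time the event entered the isolated path
    tag: int           # opaque random attribute carried with the event

class IsolatedKeyboardPath:
    """Toy model (assumed design): mixes decoys with user keys, then separates."""

    def __init__(self, alphabet="abcdefghijklmnopqrstuvwxyz0123456789", max_decoys=3):
        self._rng = secrets.SystemRandom()
        self._alphabet = alphabet
        self._max_decoys = max_decoys
        self._injected = {}  # tag -> timestamp, recorded for injected keys only
        self._clock_ns = 0

    def _tick(self):
        # Strictly increasing simulated clock with jittered inter-key gaps.
        self._clock_ns += self._rng.randint(1_000_000, 40_000_000)
        return self._clock_ns

    def obfuscate(self, user_keys):
        """Return the mixed stream that is handed to the low level hook."""
        stream = []
        for key in user_keys:
            for _ in range(self._rng.randint(1, self._max_decoys)):
                decoy = KeyEvent(self._rng.choice(self._alphabet),
                                 self._tick(), secrets.randbits(64))
                self._injected[decoy.tag] = decoy.timestamp_ns
                stream.append(decoy)
            # User keys get a random tag too, so tag presence reveals nothing.
            stream.append(KeyEvent(key, self._tick(), secrets.randbits(64)))
        return stream

    def separate(self, stream):
        """Hook side: drop every event whose tag and timestamp match an injection."""
        return "".join(e.key for e in stream
                       if self._injected.get(e.tag) != e.timestamp_ns)

def interceptor_view(stream):
    """What a process that only sees key values in the stream would record."""
    return "".join(e.key for e in stream)

if __name__ == "__main__":
    path = IsolatedKeyboardPath()
    mixed = path.obfuscate("hunter2")  # constructed sample input
    print("interceptor sees:", interceptor_view(mixed))
    print("target window gets:", path.separate(mixed))
```

The separation step depends on state held only inside the isolated path, which is why the tag alone gives an observer of the stream no way to filter out the decoys in this model.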

Stated Advantages

Prevents keylogging by malicious processes without privileged access to hardware and operating system.

Enables keyboard key obfuscation without requiring a change in user experience.

Operation does not require privileged kernel drivers or administrative access.

Micro-container approach consumes fewer hardware resources than virtual machines.

Micro-containers allow for dynamic, on-demand virtualization, enabling protection across multiple applications with faster provisioning.

Documented Applications

Protection of target applications where keystrokes are rendered or represented, such as password entry boxes or word processing applications, against interception by malicious processes.

Implementation of keyboard input protection for applications in user space using micro-containers, applicable to cloud-based resources and edge/mobile environments for process memory protection.
