1 / 23

Anticlick : Increasing Desktop security

Anticlick : Increasing Desktop security. Jason Petrey Computer Electronic Networking Dept . of Technology Eastern Kentucky University. outline. Basic Idea Motivation Password Security Problem Statement Solution Conclusion Future Work. Security gap.

chaney
Télécharger la présentation

Anticlick : Increasing Desktop security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Anticlick: Increasing Desktop security Jason Petrey Computer Electronic Networking Dept. of Technology Eastern Kentucky University

  2. outline • Basic Idea • Motivation • Password Security • Problem Statement • Solution • Conclusion • Future Work

  3. Security gap • Windows user passwords are not secure enough • There is a need for a security application to protect a user after the log on process, so I developed one

  4. MOTIVATION • During my studies at EKU I was shocked at how unsecure the windows user password is. • I remembered a security program that I had started in high school. • Now had the knowledge and skills needed to complete the program I had started in high school.

  5. Password Security • In 2003 a Swiss researcher reduced the time it takes to crack a password like a windows users password from little less than 2 minutes to 13.6 seconds. (Lemos, 2003)

  6. Password Security • Quick list of free ‘tools’ • Ophcrack • Offline NT Password & Registry Editor • Cain & Abel • LCP • John the Ripper (Fisher)

  7. PROBLEM STATEMENT • With the lack of security in windows user passwords a program is needed to protect a user account after the user logs on.

  8. PROPOSED SOLUTION • Anticlick: Screen Lock • Clear form covering the entire screen. • Blocks key combinations that could normally bypass the program. • Requires pressing two keys, defined by the user, to bring up password entry, settings, or change password screens

  9. PROPOSED SOLUTION • Anticlick: Screen Lock (cont.) • Ability to run on startup/log on • Email and text message warnings on a user defined number of failed attempts at the password • All information protected with 3DES encryption (a three-step data encryption algorithm )

  10. PROPOSED SOLUTION • Anticlick: Administrator Control Panel • Provide administrator override password that will work for any user • Allows an administrator to edit anticlick settings on all local users who have already ran Anticlick: Screen Lock • All information protected with 3DES encryption

  11. Block Diagram

  12. Main form

  13. Password forms

  14. Settings form

  15. Admin control panel

  16. Known Vulnerabilities • Operating system that boot from removable media • Safe Mode • An occasional bug that places the start bar above the for that blocks mouse key strokes.

  17. CONCLUSIONS • When run on startup Anticlick is an effective invisible layer of protection for a user. When ran manually it makes an effective screen lock. • When working with Visual Basic always start research on MSDN (Microsoft Developer Network)

  18. CONCLUSIONS • It is surprisingly easy to integrate functions from external Dynamic-link libraries and windows API (application programming interfaces) functions into programs using Visual Studio, which helps a programmer create programs.

  19. FUTURE WORK • Multiple monitor support • Windows service integration • Remove the assumptions about the host system that are hard coded to increase compatibility

  20. FUTURE WORK • Administrator Control Panel to establish settings for users who have not yet ran the Anticlick: Screen Lock • Sell for profit or distribute as freeware /shareware • Permanent Email: jason.petrey12@gmail.com

  21. REFERENCES • Lemos, Robert. (2003, July 22). Cracking Windows passwords in seconds. Retrieved April 10, 2010, from http://news.cnet.com/2100-1009_3-5053063.html •  Fisher, Tim. Top 5 Free Windows Password Recovery Tools. Retrieved April 10, 2010, from http://pcsupport.about.com/od/toolsofthetrade/tp/passrecovery.htm

  22. Project ACKNOWLEDGEMENTS • WindowsHooksLib.dll from www.vbforums.com • Provided Keyboard Hooking • MSDN • Microsoft repository of dot net programming (including visual basic) and developer forum

  23. Project ACKNOWLEDGEMENTS • sms411.net • How to send email to phones as text message • www.codeproject.com • How to interact with the registry • www.dreamincode.net • How to interact with the registry

More Related