A Method or System to Block Auto-Submission
Publication Date: 2014-Mar-25
The IP.com Prior Art Database
Network security is a serious issue. network intrusion occurring every day. One of them is simulating human’s submission.how to tell computer and human apart, currently CAPTCHA is used in largely scope. but CAPCHA also bring some other issues, such as bad user experinces, in this disclosure, we use eye movement to tell computer and human apart with better user experience and more security.
Page 01 of 7
A Method or System to Block Auto
A Method or System to Block Auto-
Currently, Network security is a serious issue. There are many network deception occurs every day. One of them is simulating human's submission. For example, hackers submit a payment request to your bank by controlling your computer or auto fill forms in by simulating operating system messages or end-user submit many dirty data using robot.
For these simulations, it is very difficult for service provider to judge the request is submitted from human or from robot. Then most of website blocks the auto submission by the following solution, but all of them can not solve core issue completely.
- Verification Code
Many website provide verification code to prove the submission from human not from robot. If end-user submits the form with the answer predefined in server, the system will think the request comes from human, or else, it will be thought as from robot. For example:
Some services providers also use the questions to verify the submission from human or from robot. If end-user submits the form with correct answer, the system will think the request comes from human, or else, it will be thought as from robot. For example:
Page 02 of 7
- Client App
To make the system more security, some services providers uses c/s architect to collect request from end-user, in those client apps, all data are encrypted and all submit are trusted, but service providers often received many dirty data if the end-user uses automation tools.
For verification code and questions, as graphical recognition and natural language processing improve, these methods will become less relevant. On the other hand, if hacker controls your computer, he knows everything in the forms, including verification code or questions, and then he can submit from your computer as you.
When end-user fills form in and submit his/here requests to services provider, s/he has to sit before her/his computer, and her/his eyes will move from one textbox to another textbox or button. Then here is the core innovation idea, we will use human's eye movement trail to judge submission is done by human or by simulation or robot.
When we use an application GUI, we know the position of textbox or checkbox which is needed to entry. Then we can define characteristic tracking points to describe the movement trail of eyes. When end-user entry the data in the required field, we can use tool to collect the movement trail of eyes, the movement trail of mouse and the characters from keyboard, if it the predefined characteristic tracking points exist in the collected detail completely or partly, then we can say it's from the human's submission, or else, it comes from simulation or robot.
Currently, there are some tools/apps to collect eye's movement trail accurately, based on these tools/apps, we can implement above innovation ideas as below, here are the main steps to implement this innova...