Browse Prior Art Database

System for Compromised Systems

IP.com Disclosure Number: IPCOM000238898D
Publication Date: 2014-Sep-24
Document File: 2 page(s) / 23K

Publishing Venue

The IP.com Prior Art Database

Abstract

Compromised Systems

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 55% of the total text.

Page 01 of 2

System for Compromised Systems

This article describes how a social network can inject "timely and likely" mis-information for sensitive content into mirrored processes and files such that malicious eavesdroppers on compromised systems are unsuspecting of the real transactions. The eavesdropper is encouraged to think that the apparent transactions or file content is "timely and likely", such that the eavesdropper would not be inclined to investigate further as there seems to be normal behaviour (content type, size and timeliness) of the applications and files.

    The assumption is that a malicious third party already has access to your computer and can see the applications that are running and has access to the disk. This disclosure aims to mitigate the risk posed by such a scenario. This is achieved primarily by allowing the eavesdropper to think that the apparent transactions are "timely and likely", such that the eavesdropper would not be inclined to dig deeper - whilst at the same time hiding the real transactions.

    Once a malicious party has access to the applications that are running and has access to the disk, it is desirable that the malicious party does not see anything that is sensitive. For example, the intent of the malicious code may be to sift for sensitive information in a messaging application or mail file e.g. the malicious code might transmit sensitive documents from the mail file or chat history en masse or transmit messages that contain specific keywords or are marked confidential. In this disclosure, we describe a system to mitigate the above problem and describe a use case involving a messaging system. Please note, that this implementation or use case is one of many such possible implementations not just limited to messaging systems... this can be applied to many other systems e.g. Web browsing, File Backup, transmission...

    Use case: UserA sends an email containing highly restricted information to a user group comprising UserB and UserC. UserA has specified that the mes...