- Santa Barbara CA, US
David Kleidermacher - Santa Barbara CA, US
Thomas Cantrell - Oxnard CA, US
Dennis Kou - Goleta CA, US
Daniel Hettena - Princeton NJ, US
International Classification:
H04L 29/06 G06F 9/455 G06F 13/10
Abstract:
In certain embodiments, virtualization mechanisms used to defend against spying can also be used by attackers as a means to execute spying attacks more effectively. In certain embodiments, attack methods may use the virtualization mechanisms to surreptitiously activate input peripherals without the user's knowledge or authorization. In certain embodiments, a virtualized network interface may be employed in which all network traffic transiting a portable wireless system is routed through a remote control component within a peripheral control domain. The remote control component may be used by an attacker to communicate remotely with the portable device to send it peripheral activation commands. The remote control component can then activate peripherals via the peripheral access module without the user's or general-purpose operating system's knowledge or authorization. All other network traffic may be passed through as normal and expected to the general-purpose operating system.
Single-Chip Virtualizing And Obfuscating Communications System For Portable Computing Devices
- Santa Barbara CA, US
Daniel Jonathan Hettena - Princeton NJ, US
Dennis Chang Kou - Goleta CA, US
Assignee:
Green Hills Software, Inc. - Santa Barbara CA
International Classification:
H04L 29/06 G06F 21/57
US Classification:
713 1, 713156
Abstract:
A virtualizing and obfuscating communications firmware module may be incorporated into common, mass-market portable computing devices, such as smartphones and tablets, to provide this service. The disclosure encompasses authentication and obfuscation software components that may comprise trusted firmware whose operation is protected from the main portable device operating system that is assumed to be hostile (e.g. infiltrated with malware or under the control of a remote attacker). In certain embodiments, a single-chip design is disclosed, without any specialized hardware: only the primary portable device applications microprocessor may be used by both the main operating system and the virtualizing and obfuscating communications firmware module. The operating system may operate as if it has access to a real communications peripheral, but in reality the virtualizing and obfuscating communications firmware module virtualizes this peripheral. The firmware module may perform authentication of the user and obfuscation of the data without the operating system's knowledge.