| 摘要 |
A method of detecting unauthorised webcam/microphone use comprises identifying a process that is using the webcam/microphone; detecting whether information is visibly displayed to indicate the use of the webcam/microphone by a process; and based on this determination, identifying the process as potential malware or malware. The determination of visible display may be determining whether an application window for the process is displayed on the computer system, with information being obtained from an operating system through an application programming interface (API). the process is identified as potential malware, an alert may be sent to a user and/or the webcam/microphone may be switched off. The reputation of a process may be verified against a database of trusted/untrusted processes to determine whether or not the process is potential malware. If information is visibly displayed by the computer system, the process may be identified as trusted, if information is not visibly displayed, the process may be identified as suspicious. |
