|
1. A computer-implemented method, comprising: receiving identity information from a user controlling a computing device; determining, using a detection engine, if the identity information corresponds to authorized user data; triggering playback of an audio signal at a defined frequency from a speaker module associated with a computing device; receiving a reflected signal captured by a microphone module associated with the computing device, the reflected signal corresponding to the triggered audio signal; determining if the reflected signal contains a sound signature resulting from one or more physical gestures performed by the user when controlling the computing device; determining whether the sound signature corresponds to the user controlling one or more internal components specific to a type of the computing device; determining there is suspicious activity occurring at the computing device based on (i) the identity information not corresponding to the authorized user data, (ii) the reflected signal not containing the sound signature resulting from one or more physical gestures performed by the user when controlling the computing device, and (iii) the sound signature not corresponding to the user controlling one or more internal components specific to a type of the computing device and upon determining the suspicious activity, preventing access to an end system computer system that is separate from the computing device.
|
