Your search keyword '"keystroke logging"' showing total 345 results

1. МЕТОДИКА ВИЯВЛЕННЯ НЕСАНКЦІОНОВАНИХ ОБЧИСЛЮВАЛЬНИХ ПРОЦЕСІВ ІНФОРМАЦІЙНО-ТЕЛЕКОМУНІКАЦІЙНИХ СИСТЕМ

Author

Denys Doroshenko

Subjects

Event (computing), Computer science, business.industry, Process (engineering), Keystroke logging, Computer security, computer.software_genre, Security policy, Task (project management), Attack model, Software, Covert, business, computer

Abstract

У статті запропоновано методику виявлення несанкціонованих обчислювальних процесів інформаційнотелекомунікаційних систем. Існуючі технології виявлення APT атак засновані на процедурах багаторівневого аналізу великого масиву даних про різноманітні поточні події в ІТС. Ці дані збираються в електронних журналах подій. Очевидно, що модель APT атаки повинна дозволяти пов’язувати події за часом і в просторі. Комплекси програм, які наповнюють інформацією журнали і реалізують автоматизовані технології їх аналізу, відомі як системи SIEM. У свою чергу, технології автоматизованого аналізу подій засновані на моделях атак. Шаблон APT атаки – це набір взаємопов’язаних подій. Порівняння такого шаблону і поточних подій становить суть процесу оцінки в рамках SIEM. Основним завданням методики є автоматизація процесу виявлення несанкціонованих дій, прийняття рішення про наявність APT атаки, та реалізацію методів захисту від неї. Основу APT атаки становить комплекс дій, що реалізуються в різних компонентах ІТС на тривалому відрізку часу. З позицій політики безпеки такі події окремо можуть нести легальний характер. Розглянуто програмні та апаратні засоби, призначені для прихованого спостереження за діяльністю користувачів інформаційно-телекомунікаційних систем. Санкціоновані моніторингові програмні продукти використовуються адміністраторами безпеки інформаційно-телекомунікаційних систем для забезпечення моніторингу. Детально розглянуто застосування для прихованого моніторингу активних процесів інформаційно-телекомунікаційних систем. Запропоновано використати в якості прикладу несанкціонованого обчислювального процесу програмні та апаратні кейлоггери. Детально описано методи захисту від них. Отримані результати доцільно направити на удосконалення методів виявлення несанкціонованих обчислювальних процесів інформаційно-телекомунікаційних систем.

Published

2021

2. Advanced Keylogger- A Stealthy Malware for Computer Monitoring

Author

Krishna Chandra Tripathi, M. L. sharma, and Aarushi Dwivedi

Subjects

Focus (computing), Information Systems and Management, Computer science, business.industry, computer.software_genre, Computer security, Keystroke logging, Software, Mode (computer interface), Malware, Confidentiality, Central processing unit, business, computer, Information Systems, Hacker

Abstract

Modern society is far more dependent on electronic devices than the previous generations. This dependency has both pros and cons. Although the list of pros is endless, they can easily be outweighed by one con which is being vulnerable to malicious programs. Keylogger is one such malware. Earlier, the prime focus was just limited to recording keystrokes made by a user but now are known for incorporating a multitude of features. Keyloggers are used to steal confidential information covertly and their detection is not quite simple since they execute completely in stealth mode. In this exposition, an advanced software keylogger is proposed which is compared with the existing keyloggers based on two criteria, first being the number of features incorporated and second, the CPU usage while the keylogger is being executed. The evaluation posits that the proposed keylogger contains more features with keeping the CPU usage to a minimum hence making it difficult to be detected by the user.

Published

2021

3. Password policy characteristics and keystroke biometric authentication

Author

Na Liu, Simon Parkinson, Andrew Crampton, Qing Xu, Kyle Dakin, Saad Khan, and Weizhi Xie

Subjects

Password policy, Biometrics, Computer science, Electronic computers. Computer science, Signal Processing, Computer Vision and Pattern Recognition, QA75.5-76.95, Keystroke logging, Computer security, computer.software_genre, computer, Software, Authentication (law)

Abstract

Behavioural biometrics have the potential to provide an additional or alternative authentication mechanism to those involving a shared secret (i.e. a password). Keystroke timings are the focus of this study, where key press and release timings are acquired whilst monitoring a user typing a known phrase. Many studies exist in keystroke biometrics, but there is an absence of literature aiming to understand the relationship between characteristics of password policies and the potential of keystroke biometrics. Furthermore, benchmark datasets used in keystroke biometric research do not enable useful insights into the relationship between their capability and password policy. Herein, substitutions of uppercase, numeric, special characters, and their combination of passwords derived from English words are considered. Timings for 42 participants for the same 40 passwords are acquired. A matching system using the Manhattan distance measure with seven different feature sets is implemented, culminating in an Equal Error Rate of between 6% and 11% and accuracy values between 89% and 94%, demonstrating comparable accuracy to other threshold‐based systems. Further analysis suggests that the best feature sets are those containing all timings and trigraph press to press. Evidence also suggests that phrases containing fewer characters have greater accuracy, except for those with special character substitutions.

Published

2021

4. A Novel Hybrid Textual-Graphical Authentication Scheme With Better Security, Memorability, and Usability

Author

Riaz Ahmed Shaikh, Rashid Mehmood, Ehab Abozinadah, Syed Raheel Hassan, and Shah Zaman Nizamani

Subjects

General Computer Science, Computer science, 0211 other engineering and technologies, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Login, Electronic mail, textual passwords, Shoulder surfing, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Password, Authentication, 021110 strategic, defence & security studies, business.industry, General Engineering, 020206 networking & telecommunications, Usability, Phishing, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, password security, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, graphical passwords, lcsh:TK1-9971, computer

Abstract

Despite numerous efforts, developing an authentication scheme that offers strong security while offering memorability and usability remains a grand challenge. In this paper, we propose a textual-graphical hybrid authentication scheme that improves the security, memorability and usability inadequacies of existing authentication schemes. This has been achieved by combining a range of mechanisms together, in a novel manner, to address weaknesses of the existing security schemes. Firstly, two dynamically selectable modes of password entry (Easy Login, and Secure Login) provide a trade-off between usability and security, allowing the user to dynamically switch to any of these methods in real-time based on the security of the surrounding environment (e.g., secure home environment versus insecure public places) or the criticality of the user account (e.g., a bank account). The other mechanisms included a novel use of the drawmetric mechanism for setting the password to improve memorability, multistep authentication, a novel adaptation of one-time password (OTP) concept using a random selection of password elements, random placement of password elements in different steps, assigning random numbers to the password elements to increase security, and use of simple addition to improve security. We have implemented and analysed the proposed scheme for its security against brute-force attacks, dictionary, shoulder surfing, random guessing, phishing or forming, keystroke/mouse logger, and multiple recording attacks. We have also investigated its usability and memorability, reporting various trends of password elements used and the respective authentication times. Moreover, we have compared the proposed scheme with eight other well-known authentication schemes in terms of its resilience and authentication time. The results and analyses demonstrate the effectiveness of the proposed scheme. We believe that a range of novel methods introduced in this proposed scheme opens several doors for innovation in security techniques.

Published

2021

5. Keyloggers: silent cyber security weapons

Author

Sam Goundar and Akashdeep Bhardwaj

Subjects

021110 strategic, defence & security studies, Information Systems and Management, Exploit, Computer Networks and Communications, Computer science, 0211 other engineering and technologies, Rootkit, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Adware, law.invention, Cybercrime, law, Malware, Safety, Risk, Reliability and Quality, Privilege level, computer, Virtual keyboard

Abstract

Cyber attackers are always seeking to design and push malicious software programs to unsuspecting users, to intentionally steal or cause damage and exploit data on end user systems. Malware types include spyware, keyloggers, rootkits and adware. In the past, script kiddies hacked computers to show off their skills and have fun. Today, hacking computers has become a huge cybercrime industry. Even as systems have improved in terms of both hardware and software, cyber attacks continue unabated. The privilege level at which keyloggers execute is higher than typical malware, which makes them almost impossible to detect and remove. Dr Akashdeep Bhardwaj of the University of Petroleum & Energy Studies, Dehradun, and Dr Sam Goundar of the University of South Pacific, demonstrate how a keylogger can gather keystrokes and screenshots along with online transactions without a scanner being able to detect it. They also suggest a form of virtual keyboard that could defeat this kind of malware.

Published

2020

6. Keylogger Threat to the Android Mobile Banking Applications

Author

Naziour Rahaman, Salauddin Rubel, and Ahmed Al Marouf

Subjects

Password, Credit card, Information sensitivity, Mobile banking, ComputerSystemsOrganization_COMPUTERSYSTEMIMPLEMENTATION, Computer science, Android (operating system), Computer security, computer.software_genre, Keystroke logging, Login, Mobile device, computer

Abstract

Android is presently the world’s most prevalent operating system, reaching more mobile customers than any other operating system to date by providing numerous services via smartphone and various android devices to make our life easy. Most of the android applications are developed by third-party android developers, android provides them an enormous platform to build their application. Modern cyber attackers are highly interested in this platform to access user’s sensitive information; with their own build malicious application or take amenities of other android developer’s application to spy on user’s activity. We have found that keyloggers can thieve personal information from users, such as credit card information or login pin/password from their typed keystroke in social networking and mobile banking apps. In case of mobile banking generally the mobile devices such as smartphones, tablets are being used for financial communications with the banks or financial institutions, by allowing clients and users to conduct a variety of transactions. In android app store (Google Play) keylogger apps are initially blocked but using some vulnerabilities in app permission it can be installed with benign and trusted apps. Both expert and maladroit android smartphone users use the mobile banking application, inexpert users are unable to find the vulnerabilities and attacker’s use this as an advantage to place an attack. The security android has provided for all the application is not sufficient for the sensitive application such as mobile banking application. In our paper, we discuss how attackers steal mobile banking app users sensitive information for their financial gain and also proposed a method to avoid keylogger attacks on android mobile banking apps.

Published

2021

7. Bio-inspired VM Introspection for Securing Collaboration Platforms

Author

Huseyn Huseynov, Tarek Saadawi, and Kenichi Kourai

Subjects

business.industry, Computer science, Rootkit, Cloud computing, Computer security, computer.software_genre, Keystroke logging, System administrator, Videoconferencing, Server, Malware, Collaboration, business, computer

Abstract

As organizations drastically expand their usage of collaborative systems and multi-user applications during this period of mass remote work, it is crucial to understand and manage the risks that such platforms may introduce. Improperly or carelessly deployed and configured systems hide security threats that can impact not only a single organization, but the whole economy. Cloud-based architecture is used in many collaborative systems, such as audio/video conferencing, collaborative document sharing/editing, distance learning and others. Therefore, it is important to understand that safety risk can be triggered by attacks on remote servers and confidential information might be compromised. In this paper, we present an AI powered application that aims to constantly introspect multiple virtual servers in order to detect malicious activities based on their anomalous behavior. Once the suspicious process(es) detected, the application in real-time notifies system administrator about the potential threat. Developed software is able to detect user-space based keyloggers, rootkits, process hiding and other intrusion artifacts via agent-less operation, by operating directly from the host machine. Remote memory introspection means no software to install, no notice to malware to evacuate or destroy data. Conducted experiments on more than twenty different types of malicious applications provide evidence of high detection accuracy.

Published

2021

8. Skype & Type

Author

Mauro Conti, Gene Tsudik, Alberto Compagno, Daniele Lain, and Stefano Cecconello

Subjects

business.product_category, General Computer Science, Computer science, Headset, Input device, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Input devices, 03 medical and health sciences, 0202 electrical engineering, electronic engineering, information engineering, Supervised machine learning, Keystroke sounds, Safety, Risk, Reliability and Quality, 030304 developmental biology, Password, 0303 health sciences, Voice over IP, business.industry, 020206 networking & telecommunications, Eavesdropping, Information sensitivity, Laptop, business, computer

Abstract

Voice-over-IP (VoIP) software are among the most widely spread and pervasive software, counting millions of monthly users. However, we argue that people ignore the drawbacks of transmitting information along with their voice, such as keystroke sounds—as such sound can reveal what someone is typing on a keyboard. In this article, we present and assess a new keyboard acoustic eavesdropping attack that involves VoIP, called Skype & Type ( S&T ). Unlike previous attacks, S&T assumes a weak adversary model that is very practical in many real-world settings. Indeed, S&T is very feasible, as it does not require (i) the attacker to be physically close to the victim (either in person or with a recording device) and (ii) precise profiling of the victim’s typing style and keyboard; moreover, it can work with a very small amount of leaked keystrokes. We observe that leakage of keystrokes during a VoIP call is likely, as people often “multi-task” during such calls. As expected, VoIP software acquires and faithfully transmits all sounds, including emanations of pressed keystrokes, which can include passwords and other sensitive information. We show that one very popular VoIP software (Skype) conveys enough audio information to reconstruct the victim’s input—keystrokes typed on the remote keyboard. Our results demonstrate that, given some knowledge on the victim’s typing style and keyboard model, the attacker attains top-5 accuracy of 91.7% in guessing a random key pressed by the victim. This work extends previous results on S&T , demonstrating that our attack is effective with many different recording devices (such as laptop microphones, headset microphones, and smartphones located in proximity of the target keyboard), diverse typing styles and speed, and is particularly threatening when the victim is typing in a known language.

Published

2019

9. Keylogger Detection using Memory Forensic and Network Monitoring

Author

Jafrul Hossain, Anisur Rahman, Bayzid, and Mohiuddin Shoikot

Subjects

Computer science, Network monitoring, Keystroke logging, Computer security, computer.software_genre, computer

Published

2019

10. Malboard: A novel user keystroke impersonation attack and trusted detection framework based on side-channel analysis

Author

Nitzan Farhi, Yuval Elovici, and Nir Nissim

Subjects

General Computer Science, Computer science, Firmware, Evasion (network security), 020206 networking & telecommunications, 02 engineering and technology, USB, computer.software_genre, Keystroke logging, Computer security, law.invention, Keystroke dynamics, law, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Side channel attack, Law, Host (network), computer

Abstract

Concealing malicious components within widely used USB peripherals has become a popular attack vector utilizing social engineering techniques and exploiting users’ trust in USB devices. This vector enables the attacker to easily penetrate an organization's computers even when the target is secured or in an air-gapped network. Such malicious concealment can be done as part of a supply chain attack or during the device manufacturing process. In cases where the device allows the user to update its firmware, a supply chain attack may involve changing just the device's firmware, thus compromising the device without the need for concealment. A compromised device can impersonate other devices like keyboards in order to send malicious keystrokes to the computer. However, the keystrokes generated maliciously do not match human keystroke characteristics, and therefore they can be easily detected by security tools that are designed to continuously verify the user's identity based on his/her keystroke dynamics. In this paper, we present Malboard, a sophisticated attack based on designated hardware concealment, which automatically generates keystrokes that have the attacked user's behavioral characteristics; in this attack these keystrokes are injected into the computer in the form of malicious commands and thus can evade existing detection mechanisms designed to continuously verify the user's identity based on keystroke dynamics. We implemented this novel attack and evaluated its performance on 30 subjects performing three different keystroke tasks; we evaluated the attack against three existing detection mechanisms, and the results show that our attack managed to evade detection in 83–100% of the cases, depending on the detection tools in place. Malboard was proven to be effective in two scenarios: either by a remote attacker using wireless communication to communicate with Malboard or by an inside attacker (malicious employee) that physically operates and uses Malboard. In addition, in order to address the evasion gap, we developed three different modules aimed at detecting keystroke injection attacks in general, and particularly, the more sophisticated Malboard attack. Our proposed detection modules are trusted and secured, because they are based on three side-channel resources which originate from the interaction between the keyboard, user, and attacked host. These side-channel resources include (1) the keyboard's power consumption, (2) the keystrokes’ sound, and (3) the user's behavior associated with his/her ability to respond to displayed textual typographical errors. Our results showed that each of the proposed detection modules is capable of detecting the Malboard attack in 100% of the cases, with no misses and no false positives; using them together as an ensemble detection framework will assure that an organization is immune to the Malboard attack in particular and other keystroke injection attacks in general.

Published

2019

11. Evalt: Authenticate Implicitly Before Attacks

Author

Chen Li, Lin Wang, and Bibo Tu

Subjects

ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication, Exploit, Computer science, Key (cryptography), Process (computing), Reinforcement learning, Keystroke logging, Computer security, computer.software_genre, Phishing, computer, Block (data storage)

Abstract

Privileged credentials are one of the key targets of attackers. Password authentication is plagued by phishing scams and keyloggers for years. Using a second factor, such as user behavior, as a part of the authentication process offers higher assurance. A great deal of research has been proposed to authenticate based on the behavior of various entities. However, they often play effects after user logging on to the system. Even if the attacks are detected successfully, the malicious activities have been performed and the damage is done. In this paper, we present Evalt, an implicit approach that takes effect before user logging on to enhance authentication with an additional security layer. Evalt exploits the features extracted from authentication events to detect anomalies. Hence it could block the attackers before they cause damage to systems. We test Evalt on an open-source Windows security log dataset. The experiment shows that our method could identify threats with a good performance before the actual damage occurs based on the authentication events' features.

Published

2021

12. Wi-PW: Inferring Smartphone Password Using Wi-Fi Signals

Author

Sheng Chen, Dacang Feng, and Huichao Wang

Subjects

Password, Reflection (computer programming), Computer science, business.industry, Big data, Computer security, computer.software_genre, Keystroke logging, Popularity, Bridge (nautical), Mobile phone, business, computer, Multipath propagation

Abstract

Privacy security in the era of big data is particularly important, but you are likely to reveal your most important privacy, your password, inadvertently. With the deepening of the Internet of Things (IOT), Wi-Fi is widely used as a bridge to connect smart devices. However, with the popularity of Wi-Fi, people will face more threats. When we were sitting in a cafe and enjoying the fun of online shopping with our own data, maybe our payment password was stolen by the surrounding Wi-Fi devices. In this study, we propose a system using Wi-Fi signals to reproduce the password you entered on the smartphone called Wi-PW. Inspired by the influence of human movement on the Wi-Fi signal, we predict the password by analyzing the CSI information in the received Wi-Fi signal. Due to the existence of multipath reflection, unique interference will be generated when entering the password on the mobile phone and clicking different buttons. We can use this unique interference to infer the input password by LSTM model. Experiments show that the system reaches an accuracy top to 79.0% for recognizing a single keystroke.

Published

2021

13. User Perceptions of Defensive Techniques Against Keystroke Timing Attacks During Password Entry

Author

Isaac Griswold-Steiner, Abdul Serwadda, N'godjigui Junior Diarrassouba, and Shreyesh Arangath

Subjects

Scheme (programming language), Password, business.industry, Computer science, 05 social sciences, 020207 software engineering, Usability, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Masking (Electronic Health Record), Password strength, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Timing attack, Shoulder surfing, 0202 electrical engineering, electronic engineering, information engineering, 0501 psychology and cognitive sciences, business, computer, 050107 human factors, computer.programming_language

Abstract

To protect the password from visual attacks, most password entry screens use a password masking scheme that displays a series of placeholder characters (e.g., dots and asterisks) instead of the actual password. Recent research has however shown the security provided by this form of password masking to be weak against keystroke timing-analytics attacks. The underlying idea behind these attacks is that, even when a password is masked as described above, the timing between consecutive placeholder characters gives away information about the password since the relative locations of characters on the keyboard dictate how fast fingers move between them. In this paper we argue that, for security-sensitive applications, password masking mechanisms ought to hide the true intervals between password characters in order to overcome these kinds of attacks. Making adjustments to these timings however has the potential to pose usability issues given the fact that the typing would not perfectly align with the display of typed content. The paper proposes 3 different password masking schemes and undertakes a usability evaluation on them. Our early results suggest that user receptiveness to two of the schemes is not much worse than that seen with the conventional (insecure) scheme.

Published

2021

14. Cybersecurity enhancement using recurrent neural networks and keystroke dynamics

Author

Yufeng Zheng and Adel S. Elmaghraby

Subjects

Password, Authentication, Biometrics, business.industry, Computer science, Deep learning, Context (language use), Keystroke logging, Computer security, computer.software_genre, Keystroke dynamics, Recurrent neural network, Artificial intelligence, business, computer

Abstract

Three-factor authentication is the best available option for cybersecurity enhancement, which includes ‘know’ (password), ‘have’ (username, token, or card) and ‘are’ (biometrics). Each one makes this process stronger and more secure. Imagine an international team working on a long-term project by remotely logging into a secured server. In such a context, adding keystroke biometrics to authentication will definitely improves the cybersecurity. We propose to develop a set of recurrent neural network (RNN) models of utilizing keystroke dynamics as ones’ biometrics to enhance cybersecurity. Keystroke dynamics refers to the process of measuring and assessing human’s typing rhythm on digital devices. Keystroke timing information such as di-graph, dwell time and flight time are used in our experimental datasets. We propose to apply support vector machine and recurrent neural network to keystroke dynamics. Experimental results show the proposed methods are promising in contrast with traditional methods like nearest neighbor and Manhattan distance.

Published

2021

15. Intrusion Detection System for IOT Botnet Attacks Using Deep Learning

Author

Jithu P, Aiswarya Ramdas, Jishma Shareena, and Haripriya A P

Subjects

Artificial neural network, Computer science, business.industry, Deep learning, Botnet, Denial-of-service attack, Intrusion detection system, Protection system, Computer security, computer.software_genre, Keystroke logging, Artificial intelligence, Internet of Things, business, computer

Abstract

The IoT industry is seen intensifying its presence along these recent years. Since IoT devices are small and heterogeneous they can easily fall prey to the cyberattacks. Handling and proper up-gradation of network forensic mechanisms for various security attacks like denial of service, keylogging, man-in-the-middle etc within IoT networks are not easy due to its large size and heterogeneity. Traditional high-end security protection systems are difficult to work in the IoT networks due to the resource constraints and heterogeneous systems within the network. In this paper, we designed an intrusion detection system based on deep learning to uncover IoT DDoS Botnet attacks. The dataset used in this work is designed and developed within a realistic network environment in the Cyber Range Lab of the centre of UNSW Canberra Cyber. The traffic data incorporated includes the combination of normal and attack traffic data. A highly extensible Deep Neural Network (DNN) is developed for IoT networks capable of headstrong detection of the IoT botnet attacks. The evaluation shows that our DNN outperforms the existing systems with high accuracy and precision.

Published

2021

16. Multi-Factor Authentication to Systems Login

Author

Abdullah I. Al-Shoshan and Bandar Omar ALSaleem

Subjects

Password, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication, Electronic authentication, Computer science, Shoulder surfing, Multi-factor authentication, Keystroke logging, Computer security, computer.software_genre, Security token, Login, computer

Abstract

Multi-Factor Authentication is an electronic authentication method in which a computer user is granted access to an application or a website only after successfully presenting two or more factors, or pieces of evidence. It is the first step to protect systems against intruders since the traditional log-in methods (username and password) are not completely protected from hackers, since they can guess them easily using tools. Current Systems use additional methods to increase security, such as using two-factor authentication based on a one-time password via mobile or email, or authentication based on biometrics (fingerprint, eye iris or retina, and face recognition) or via token devices. However, these methods require additional hardware equipment with high cost at the level of small and medium companies. This paper proposes a multi-factor authentication system that combines ease of use and low-cost factors. The system does not need any special settings or infrastructure. It relies on graphical passwords, so the user, in registration phase, chooses three images and memorizes them. In the login phase, the user needs only to choose the correct images that he considered during the registration process in a specific order. The proposed system overcomes many different security threats, such as key-loggers, screen capture attack or shoulder surfing. The proposed method was applied to 170 participants, 75% of them are males and 25% are females, classified according to their age, education level, web experience. One-third of them did not have sufficient knowledge about various security threats.

Published

2021

17. Comparison of Personal Security Protocols

Author

Radosław Bułat and Marek R. Ogiela

Subjects

Authentication, Range (mathematics), Biometrics, Computer science, Identity (object-oriented programming), False positive paradox, Cryptographic protocol, Computer security, computer.software_genre, Keystroke logging, computer, Simple (philosophy)

Abstract

One of the most critical issues in modern society is the possibility of efficient users’ authentication in all the systems and items creating the IoT. There is a need to determine persons’ rights and privileges to use devices they operate in their daily routines. This work aims to explore the most promising research avenues that could prove the user identity based on their behavior, personal characteristics, or history, preferably on-the-fly. There is already a wide range of techniques used, from simple biometrics, through the patterns describing the keystroke and cadence of a given individual during any performed operation. All those methods are considered for their usefulness in more contactless or decentralized systems in a systematic review. That will form a factual research basis for a further avenue of personalized cryptographic protocols. These would not determine what a person has or knows, but more likely – who such a person is and what makes them unique. The issue of false positives and negatives should also balance the tight line between strict metrics of peoples’ behavior and privacy issues.

Published

2021

18. A Unique Approach for Detection and Removal of Key Loggers

Author

Baisakhi Das and Mukund Kr Kedia

Subjects

Password, Credit card, Information sensitivity, Process (engineering), Computer science, sort, Task manager, Computer security, computer.software_genre, Keystroke logging, Filter (software), computer

Abstract

Key loggers are a significant threat to cyber security and privacy worldwide. Though they are useful in some scenarios, they do more harm than good. Companies put key loggers in their systems, to keep an eye on the working of their employees. Most often, attackers send key loggers to victims to get sensitive information like the id, password, credit card details, etc. The antivirus identifies these key loggers in most scenarios, but new key loggers are implemented every day and modern techniques to escape antivirus. In this paper, some methods have been discussed to detect a key logger if installed in the system and also to render the key logger useless even if present in the system. Also, it shows a novel technique of detection and removal of key logger. The approach is to filter and sort out those processes from the Windows Process Explorer, which shows maximum tendencies of being malicious. Then, most malicious application/processes execution is stopped, and their list is presented to user. User has the choice to let them remain in the system or discard them.

Published

2021

19. Malware Security Evasion Techniques: An Original Keylogger Implementation

Author

Manuel Sánchez Rubio, Theofilos Toulkeridis, Walter Fuertes, Mauro Callejas Cuervo, Álvaro Arribas Royo, and Carlos Andrés Estrada

Subjects

malware, Computer science, Process (computing), keylogger, Scopus(2), Evasion (network security), computer.file_format, Computer security, computer.software_genre, Keystroke logging, evasion techniques, Proof of concept, Malware, Confidentiality, Executable, computer, Backdoor

Abstract

The current study evaluates the malware life cycle and develops a keylogger that can avoid Windows 10 security systems. Therefore, we considered the requirements of the malware in order to create a keylogger. Afterward, we developed a customized and unpublished malware, on which we added as many features as necessary using the Python programming language. At the end of this process, the resulting executable program will execute three main threads responsible for collecting the screenshots, keystrokes, and creating the backdoor in the infected system. Furthermore, we added the required methods to avoid the leading security tools used in Windows environments. Finally, we tested the executable file resulting on different websites as proof of concept in a real scenario. As a result, the keylogger has avoided Windows 10 firewalls, user account control, and the antivirus. Moreover, it gathered a significant amount of confidential information about user behavior, including even the credentials of the users, without noticing them.

Published

2021

20. An Obfuscation Technique for Malware Detection and Protection in Sandboxing

Author

V. Vani, Sridhar Chandrasekaran, Kirankumar Manivannan, and V. Sathya

Subjects

Software_OPERATINGSYSTEMS, Computer science, Sandbox (computer security), Obfuscation, Process (computing), Code (cryptography), Malware, computer.software_genre, Keystroke logging, Computer security, computer, User input

Abstract

As sandboxing becomes more and more popular as a malware detection and prevention method, cybercriminals will come up with new ways to evade this technology. For instance, there are new strains of malware that can recognize if they are inside a sandbox. These malware infections do not execute their malicious code until they are outside of the sandbox. One of the techniques that attackers use for evading sandbox solution is Lack of User Input. This malware can analyze the level of user input for detecting a sandbox. In contrast to a sandbox, different types of user activity, such as mouse or keyboard activity frequently occur. The main aim of this chapter is to provide the security by detecting malware infections. This could be accomplished through sandboxing technology. Here the data obtained from the user activity, such as mouse and keyboard activity has been converted into text. This is achieved through heatmaps, scroll maps, attention maps, and keyloggers. Then the data has been converted into text and it is stored in the database. The obtained data has been obfuscated and given for futher process. This is achieved through an AI tool called Delphix. Also this chapter gives an overview about the recent problems that are facing by the industrial people during code testing phase and the recent version of sandboxing and data obfuscation techniques which are currently in use. This chapter also covers the details of converting the user activity into data that is frequently occurring in a real machine. Then obfuscation of data. So that it can be more challenging for the anti-malware engines to detect or analyze. This can be achieved through an AI tool called Delphix which masks the compressed data and keeps it between the multiple clones to hide it from the malware.

Published

2021

21. A Comprehensive Analysis of Keystroke Recognition System

Author

V. Ragul, L. Agilandeeswari, S. Syed Mohammed Nihal, and M. Rahaman Khan

Subjects

Password, Authentication, Biometrics, business.industry, Computer science, Data theft, Access control, Computer security, computer.software_genre, Keystroke logging, Keystroke dynamics, The Internet, business, computer

Abstract

Together with the widening of the Internet plays in the continuous outstretch of the online environment as a potential for business has also increased the fortunes of online malicious attacks and intrusions. They all have their way of stealing the user’s identity. Usernames and passwords which are very weak can be easily cracked by the attackers. User’s credentials thus can be discovered, phished, looted, and then hacked in several different ways. Keystroke recognition is a good technology to facilitate better authentication and protect data theft and has a very minimum amount of drawbacks. Other biometrics needs additional hardware costs whereas this is based on the user typing behavior which just requires a keyboard. Thus Keystroke recognition allows authenticating users through their way of typing on a keyboard of a computer. This paper presents a biometric access control measure: access of computers via keystroke recognition and talks about how identity thefts and user data theft can be prevented by using this keystroke dynamics.

Published

2021

22. Anomaly Detection for Internet of Things (IoT) Using an Artificial Immune System

Author

Nitin Naik, Noe Elisa, Fei Chao, and Longzhi Yang

Subjects

G500, H600, business.industry, Artificial immune system, Computer science, G400, Denial-of-service attack, computer.software_genre, Keystroke logging, Computer security, Naive Bayes classifier, Malware, The Internet, Anomaly detection, business, computer, Wearable technology

Abstract

Internet of Things (IoT) have demonstrated significant impact on all aspects of human daily lives due to their pervasive applications in areas such as telehealth, home appliances, surveillance, and wearable devices. The number of IoT devices and sensors connected to the Internet across the world is expected to reach over 50 billion by the end of 2020. The connection of such rapidly increasing number of IoT devices to the Internet leads to concerns in cyber-attacks such as malware, worms, denial of service attack (DoS) and distributed DoS attack (DDoS). To prevent these attacks from compromising the performance of IoT devices, various approaches for detecting and mitigating cyber security threats have been developed. This paper reports an IoT attack and anomaly detection approach by using the dendritic cell algorithm (DCA). In particular, DCA is an artificial immune system (AIS), which is developed from the inspiration of the working principles and characteristic behaviours of the human immune system (HIS), specifically for the purpose of detecting anomalies in networked systems. The performance of the DCA on detecting IoT attacks is evaluated using publicly available IoT datasets, including DoS, DDoS, Reconnaissance, Keylogging, and Data exfiltration. The experimental results show that, the DCA achieved a comparable detection performance to some of the commonly used classifiers, such as decision trees, random forests, support vector machines, artificial neural network and naïve Bayes, but with reasonably high computational efficiency.

Published

2021

23. Hybrid Shoulder Surfing Attack Proof Approach for User Authentication

Author

Dipti Pawade and Avani Sakhapara

Subjects

Password, Authentication, Focus (computing), business.industry, Computer science, Animation, Computer security, computer.software_genre, Keystroke logging, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Software, Shoulder surfing, Session (computer science), business, computer

Abstract

With the advancement in technology, people register themselves for many websites or applications. Therefore, secure authentication is today’s prime need. Textual passwords are the most commonly used mechanism. But with the invent of software like keyloggers, using only strong textual passwords are not enough. So graphical password comes into the picture. In this paper, we focus on building animation-based hybrid authentication approach which is secure from attacks like the Brute-force attack and Shoulder-surfing attack. HAA is designed by using colors, animation of objects, and alpha-numeric characters and is intended to provide more secure authentication session.

Published

2021

24. Review on the Security Threats of Internet of Things

Author

Prajoy Podder, M. Rubaiyat Hossain Mondal, Subrato Bharati, and Pinto Kumar Paul

Subjects

Signal Processing (eess.SP), FOS: Computer and information sciences, Service (systems architecture), Computer Science - Cryptography and Security, business.industry, Computer science, Context (language use), Cloud computing, computer.software_genre, Computer security, Keystroke logging, Trojan, Ransomware, FOS: Electrical engineering, electronic engineering, information engineering, Malware, Electrical Engineering and Systems Science - Signal Processing, business, computer, Cryptography and Security (cs.CR)

Abstract

Internet of Things (IoT) is being considered as the growth engine for industrial revolution 4.0. The combination of IoT, cloud computing and healthcare can contribute in ensuring well-being of people. One important challenge of IoT network is maintaining privacy and to overcome security threats. This paper provides a systematic review of the security aspects of IoT. Firstly, the application of IoT in industrial and medical service scenarios are described, and the security threats are discussed for the different layers of IoT healthcare architecture. Secondly, different types of existing malware including spyware, viruses, worms, keyloggers, and trojan horses are described in the context of IoT. Thirdly, some of the recent malware attacks such as Mirai, echobot and reaper are discussed. Next, a comparative discussion is presented on the effectiveness of different machine learning algorithms in mitigating the security threats. It is found that the k-nearest neighbor (kNN) machine learning algorithm exhibits excellent accuracy in detecting malware. This paper also reviews different tools for ransomware detection, classification and analysis. Finally, a discussion is presented on the existing security issues, open challenges and possible future scopes in ensuring IoT security., Comment: 9 Pages, 9 figures

Published

2021

25. Design and Implementation of Continuous Authentication Mechanism Based on Multimodal Fusion Mechanism

Author

Xuetao Li, Jianfeng Guan, and Ying Zhang

Subjects

Scheme (programming language), Authentication, Information privacy, Access network, Science (General), Article Subject, Computer Networks and Communications, Computer science, Process (engineering), Computer security, computer.software_genre, Keystroke logging, Insider, Q1-390, Identity (object-oriented programming), T1-995, computer, Technology (General), Information Systems, computer.programming_language

Abstract

Most of the current authentication mechanisms adopt the “one-time authentication,” which authenticate users for initial access. Once users have been authenticated, they can access network services without further verifications. In this case, after an illegal user completes authentication through identity forgery or a malicious user completes authentication by hijacking a legitimate user, his or her behaviour will become uncontrollable and may result in unknown risks to the network. These kinds of insider attacks have been increasingly threatening lots of organizations, and have boosted the emergence of zero trust architecture. In this paper, we propose a Multimodal Fusion-based Continuous Authentication (MFCA) scheme, which collects multidimensional behaviour characteristics during the online process, verifies their identities continuously, and locks out the users once abnormal behaviours are detected to protect data privacy and prevent the risk of potential attack. More specifically, MFCA integrates the behaviours of keystroke, mouse movement, and application usage and presents a multimodal fusion mechanism and trust model to effectively figure out user behaviours. To evaluate the performance of the MFCA, we designed and implemented the MFCA system and the experimental results show that the MFCA can detect illegal users in quick time with high accuracy.

Published

2021

26. Password Authentication Using Keystroke Biometric

Author

M. Vanitha and Shubham Sood

Subjects

Password, Authentication, Keystroke dynamics, Phrase, Exploit, Alphanumeric, Biometrics, Computer science, Keystroke logging, Computer security, computer.software_genre, computer

Abstract

Most of the application utilizes a brief for a username and password. Passwords are recommended to be remarkable, long, perplexing, alphanumeric, and nonmonotonous. These reasons that make passwords secure may prove to be a point of weakness. The intricacy of the secret phrase gives a test to a client and they may record it. This compromise offs the security of the secret phrase and exploits it. An alternative method of security is keystroke biometrics. This methodology utilizes the normal composing pattern of a client for confirmation. This chapter proposes another strategy for diminishing blunder rates and making a robust procedure. The method uses classification techniques to classify the rhythm for passwords of users. Another client confirmation component is utilized on the off chance that clients are unable to coordinate when there is a mismatch in the typing pattern’. For this, we can classify it with the help of the KNN technique for checking the authentication of the application.

Published

2020

27. Keystroke Identifier Using Fuzzy Logic to Increase Password Security

Author

Nathan Schmidt and Adnan Shaout

Subjects

Password, Identifier, Computer science, Fingerprint (computing), Fuzzy control system, Computer security, computer.software_genre, Keystroke logging, Fuzzy logic, computer, Session (web analytics), Password strength

Abstract

Cybersecurity is a major issue today. It is predicted that cybercrime will cost the world $6 trillion annually by 2021. It is important to make logins secure as well as to make advances in security in order to catch cybercriminals. This paper will design and create a device that will use Fuzzy logic to identify a person by the rhythm and frequency of their typing. The device will take data from a user from a normal password entry session. This data will be used to make a Fuzzy system that will be able to identify the user by their typing speed. An application of this project could be used to make a more secure log-in system for a user. The log-in system would not only check that the correct password was entered but also that the rhythm of how the password was typed matched the user. Another application of this system could be used to help catch cybercriminals. A cybercriminal may have a certain rhythm at which they type at and this could be used like a fingerprint to help officials locate cybercriminals.

Published

2020

28. Types of Keyloggers Technologies – Survey

Author

Ashley Tuscano and Thomas Shane Koshy

Subjects

Password, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Software_OPERATINGSYSTEMS, Computer science, Rootkit, Malware, computer.software_genre, Computer security, Keystroke logging, computer

Abstract

Keyloggers are rootkit malware that record the keystrokes of the victim’s system and log it into the attacker’s system. It can be used to capture sensitive data like passwords, PINs, usernames, some kind of confidential messages shared between two entities etc. We would be explaining different types of keyloggers and their working. We have also explained the different applications and measures needed to avoid keylogging activities on your system.

Published

2020

29. Security Features in Fingerprint Biometric System

Author

Siti Nurhafizza Maidin, Ngu War Hlaing, Kamilia Kamardin, Hazilah Mad Kaidi, Noureen Taj, Kamarul Zaman Panatik, and Irfanuddin Shafi Ahmed

Subjects

Palm print, Biometrics, Computer science, Mechanical Engineering, Materials Science (miscellaneous), Fingerprint (computing), System lifecycle, Computer security, computer.software_genre, Keystroke logging, Industrial and Manufacturing Engineering, Mechanics of Materials, Abuse case, Electrical and Electronic Engineering, Requirements analysis, Hand geometry, computer, Civil and Structural Engineering

Abstract

Nowadays, embedded systems run in every setting all around the globe. Recent advances in technology have created many sophisticated applications rich with functionality we have never seen. Nonetheless, security and privacy were a common issue for these systems, whether or not sensitive data can be protected from malicious attacks. These concerns are justified on the grounds that the past of security breaches and the resulting consequences narrate horrific stories concerning embedded systems. The attacks are now evolving, becoming more complex with technological advancements. Therefore, a new way of implementing security in embedded systems must be pursued. This paper attempts to demonstrate the incorporation of security features in fingerprint biometric system in the requirements analysis phase, ensuring the same throughout the system life cycle of embedded systems based on case study. The comparison of various biometric technologies such as face, fingerprint, iris, palm print, hand geometry gait, signature, and keystroke is presented. The aim of this paper includes analyzing, decomposing and transforming the threats and counter-measures identified during the requirements analysis using the abuse case into more specific safety requirements or functions. Furthermore, we have shown that the incorporation of security features into the biometric fingerprint system by analyzing the requirements of the system and providing the main steps for the protection of the biometric system in this paper.

Published

2020

30. Keystroke Biometrics in Response to Fake News Propagation in a Global Pandemic

Author

Julian Fierrez, Javier Ortega-Garcia, Alejandro Acien, Aythami Morales, John V. Monaco, Ruben Tolosana, Ruben Vera, Chan, W.K, Claycomb, Bill, Takakura, Hiroki, Yang, Ji-Jiang, Teranishi, Yuuichi, Towey, Dave, Shahriar, Hossain, Reisman, Sorel, Ahamed, Sheikh Iqbal, Segura, Sergio, and UAM. Departamento de Tecnología Electrónica y de las Comunicaciones

Subjects

FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, Biometrics, Computer science, Context (language use), 02 engineering and technology, Keystroke logging, Computer security, computer.software_genre, Machine Learning (cs.LG), biometric, 0202 electrical engineering, electronic engineering, information engineering, Blacklisting, Telecomunicaciones, Fake News, business.industry, pandemic, 020206 networking & telecommunications, 020207 software engineering, Keystroke, Identification (information), Keystroke dynamics, identification, The Internet, business, Cryptography and Security (cs.CR), computer, COVID 19

Abstract

© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works, This work proposes and analyzes the use of keystroke biometrics for content de-anonymization. Fake news have become a powerful tool to manipulate public opinion, especially during major events. In particular, the massive spread of fake news during the COVID-19 pandemic has forced governments and companies to fight against missinformation. In this context, the ability to link multiple accounts or profiles that spread such malicious content on the Internet while hiding in anonymity would enable proactive identification and blacklisting. Behavioral biometrics can be powerful tools in this fight. In this work, we have analyzed how the latest advances in keystroke biometric recognition can help to link behavioral typing patterns in experiments involving 100,000 users and more than 1 million typed sequences. Our proposed system is based on Recurrent Neural Networks adapted to the context of content de-anonymization. Assuming the challenge to link the typed content of a target user in a pool of candidate profiles, our results show that keystroke recognition can be used to reduce the list of candidate profiles by more than 90%. In addition, when keystroke is combined with auxiliary data (such as location), our system achieves a Rank-1 identification performance equal to 52.6% and 10.9% for a background candidate list composed of 1K and 100K profiles, respectively, This work has been supported by projects: PRIMA (MSCA-ITN-2019-860315), TRESPASS (MSCA-ITN-2019-860813), BIBECA (RTI2018-101248-B-I00 MINECO), BioGuard (Ayudas Fundacion BBVA a Equipos de Investigacion Cientıfica 2017). A. Acien and R. Tolosana are supported by a FPI and postdoc fellowship from the Spanish MINECO

Published

2020

31. Design and Implementation on EMBA Authentication models

Author

Ria Das, Sonali Gupta, Saptarshi Biswas, Indrajit Das, Sanjoy Roy, and Shalini Singh

Subjects

Password, Authentication, Identification (information), Shoulder surfing, Computer science, Eye tracking, Context (language use), Computer security model, Computer security, computer.software_genre, Keystroke logging, computer

Abstract

Authentication systems in general have faced long-term security deficit despite convoluted sophistication within various systems for decades. Unfortunately, humans serve as the weakest prey for exploitation within any security chain. Unskillful and inefficient communications between systems and humans give rise to multiple vulnerabilities related to any security model. Additionally, the Passwords/Personal Identification Numbers (PIN’s) fail to provide idealistic security due to the lack of flawlessness in traditional password systems. On the contrary, since eye movements serve as a natural interaction modality, it was observed that the amalgamation of eye-tracking models enhances the overall security. In this context, the work presented in this paper leads to an extensive study and survey of many research works pertaining to existing Eye Movement authentication models. Besides, high-level overview of many conventional authentication methodologies have been discussed that can be launched in such EMBA models. Additionally, comparative analysis and performance metrics of different EMBA system is discussed. It was observed that the eye-password method has highest accuracy (97%) and eye motion based techniques has lowest accuracy (60%). Finally, an eye pupil tracking based authentication model has been proposed with accuracy of Eye detection, Eye open or closed detection and Eye pupil tracking detection are 98%, 92.51% and 96.25% respectively.

Published

2020

32. Virtual Machine Introspection for Anomaly-Based Keylogger Detection

Author

Huseyn Huseynov, Obinna Igbe, Kenichi Kourai, and Tarek Saadawi

Subjects

021110 strategic, defence & security studies, Exploit, Artificial immune system, Computer science, business.industry, 0211 other engineering and technologies, Cloud computing, 02 engineering and technology, computer.software_genre, Computer security, Keystroke logging, Kernel (image processing), Virtual machine, Malware, business, computer, Edge computing

Abstract

Software Keyloggers are dominant class of malicious applications that surreptitiously logs all the user activity to gather confidential information. Among many other types of keyloggers, API-based keyloggers can pretend as unprivileged program running in a user-space to eavesdrop and record all the keystrokes typed by the user. In a Linux environment, defending against these types of malware means defending the kernel against being compromised and it is still an open and difficult problem. Considering how recent trend of edge computing extends cloud computing and the Internet of Things (IoT) to the edge of the network, a new types of intrusion-detection system (IDS) has been used to mitigate cybersecurity threats in edge computing. Proposed work aims to provide secure environment by constantly checking virtual machines for the presence of keyloggers using cutting edge artificial immune system (AIS) based technology. The algorithms that exist in the field of AIS exploit the immune system’s characteristics of learning and memory to solve diverse problems. We further present our approach by employing an architecture where host OS and a virtual machine (VM) layer actively collaborate to guarantee kernel integrity. This collaborative approach allows us to introspect VM by tracking events (interrupts, system calls, memory writes, network activities, etc.) and to detect anomalies by employing negative selection algorithm (NSA).

Published

2020

33. Proactive Forensics: Keystroke Logging from the Cloud as Potential Digital Evidence for Forensic Readiness Purposes

Author

Richard Adeyemi Ikuesan, Nickson M. Karie, Victor R. Kebande, Sheunesu M. Makura, and Hein S. Venter

Subjects

Computer science, Process (engineering), business.industry, Digital forensics, Cloud computing, computer.software_genre, Keystroke logging, Computer security, Digital evidence, Code (cryptography), Malware, business, computer, Chain of custody

Abstract

The relationship between negative and positive connotations with regard to malware in the cloud is rarely investigated according to the prevailing literature. However, there is a significant relationship between the use of positive and negative connotations. A clear distinction between the two emanates when we use the originally considered malicious code, for positive connotation like in the case of capturing keystrokes in a proactive forensic purpose. This is done during the collection of digital evidence for Digital Forensic Readiness (DFR) purposes, in preparation of a Digital Forensic Investigation (DFI) process. The paper explores the problem of having to use the keystrokes for positive reasons as a piece of potential evidence through extraction and digitally preserving it as highlighted in ISO/IEC 27037: 2012 (security approaches) and ISO/IEC 27043: 2015 (legal connotations). In this paper, therefore, the authors present a technique of how DFR can be achieved through the collection of digital information from the originally considered malicious code. This is achieved without modifying the cloud operations or the infrastructure thereof, while preserving the integrity of digital information and possibly maintain the chain of custody at the same time. The paper proposes that the threshold of malicious code intrusion in the cloud can be transformed to an efficacious process of DFR through logical acquisition and digitally preserving keystrokes. The experiment-tested keystrokes have shown a significant approach that could achieve proactive forensics.

Published

2020

34. Computer Viruses, Malicious Logic, and Spyware

Author

Vitali Saladukha and Anatoly Belous

Subjects

Software_OPERATINGSYSTEMS, Computer science, business.industry, Rootkit, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Keystroke logging, Computer security, computer.software_genre, Information protection policy, Computer virus, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Information sensitivity, Software, Trojan, Microsoft Windows, ComputingMilieux_COMPUTERSANDSOCIETY, business, computer

Abstract

Computer viruses, software Trojans, and spyware are discussed in this chapter. The main models of impact of software Trojans on computers, methods of introduction, and their interaction with the attacker are considered. Software keylogger, the basic principles of rootkit technologies, cookies spyware, and Regin spyware are studied in detail. Various examples are given to illustrate ways of Trojan software introduction in a standard PE file of the Microsoft Windows operating system. The peculiarities of the most well-known methods for sensitive information retrieval based on the analysis of acoustic and electromagnetic radiation, as well as the most effective methods to ensure information protection from exposure to viruses, spyware, and software Trojans are considered in detail.

Published

2020

35. Presentation Attacks in Mobile and Continuous Behavioral Biometric Systems

Author

Tempestt Neal and Damon L. Woodard

Subjects

Authentication, Modality (human–computer interaction), Spoofing attack, Biometrics, Computer science, Data_MISCELLANEOUS, Context (language use), Adversary, Computer security, computer.software_genre, Keystroke logging, computer, Mobile device

Abstract

Active authentication allows an individual’s identity to be continuously verified in a transparent fashion. For devices centered on user convenience, active authentication using behavioral biometrics is an appealing solution to user authentication since behavioral data can be captured as consumers naturally interact with their devices. However, while such implementations are user-friendly and help to counter some of the challenges associated with knowledge-based authentication methods (e.g., easily guessed passcodes), an adversarial attack must be carefully considered. In this regard, to gain unauthorized access to a secured device, an adversary may falsify biometric information through impersonating the legitimate user. This attack is often referred to as a presentation attack or biometric spoofing. Throughout this chapter, various attack scenarios on mobile devices are discussed for gait, keystroke and touch dynamics, and user-device interaction modalities. Presentation attacks are categorized according to the biometric modality, which may differ given the context of the sensor component involved. This chapter exposes multiple research gaps and challenges which could significantly strengthen adversary detection once addressed, while discussing novel research in which no sensor information is required.

Published

2020

36. A survey on screenlogger attacks as well as countermeasures

Author

Hugo Sbai, Samy Meftali, Michael Goldsmith, Jassim Happa, Department of Computer Science, University of Oxford, Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189 (CRIStAL), Centrale Lille-Université de Lille-Centre National de la Recherche Scientifique (CNRS), and University of Oxford [Oxford]

Subjects

021110 strategic, defence & security studies, Computer science, 0211 other engineering and technologies, 030208 emergency & critical care medicine, 02 engineering and technology, computer.software_genre, Keystroke logging, Computer security, law.invention, Upload, 03 medical and health sciences, 0302 clinical medicine, Shoulder surfing, law, Hardware and Architecture, Server, Malware, Confidentiality, [INFO.INFO-ES]Computer Science [cs]/Embedded Systems, Mobile device, computer, Software, ComputingMilieux_MISCELLANEOUS, Virtual keyboard

Abstract

Keyloggers and screenloggers are one of the active growing threats to user's confidentiality as they can run in user-space, easily be distributed and upload information to remote servers. They use a wide number of different technologies and may be implemented in many ways. Keyloggers and screenloggers are very largely diverted from their primary and legitimate function to be exploited for malicious purposes compromising the privacy of users, and bank customers notably. Due to the recent multiplication of mobile devices with a touchscreen, the screenlogger threat has become even more dangerous. This threat is even harder to fight given the limited resources of the affected devices. This paper is the first step of a project aiming at proposing efficient countermeasures against screenloggers. It provides a complete overview of the different techniques used by this malware and discusses an extensive set of plausible counter measures.

Published

2020

37. Eavesdrop with PoKeMon: Position free keystroke monitoring using acoustic data

Author

Fang Yuyi, Geyong Min, Zi Wang, Haojun Huang, Yue Cao, Zhiwei Zhao, and Hao Yin

Subjects

Scheme (programming language), Computer Networks and Communications, Computer science, business.industry, Real-time computing, 020206 networking & telecommunications, 02 engineering and technology, Keystroke logging, Computer security, computer.software_genre, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, The Internet, business, computer, Software, computer.programming_language

Abstract

Keyboard input is an important way to enter massive personal information into computing systems and the Internet in our social life. The large amount of acoustic data from the keystroke tapping makes it possible for eavesdroppers to snoop the sensitive and private input remotely. Keystroke monitoring using the acoustic signals, which extracts the user information directly from the keystroke acoustics, is a critical security and privacy issue and has recently attracted much research attention. The existing works use smartphones to collect and infer the keystrokes with various data analysis algorithms. However, most of them rely on the assumption that the phone-keyboard relative position is known in advance, which is often unrealistic for real-world scenarios such as adversary eavesdropping. To address this problem and make keystroke monitoring free to use, in this paper, we propose a Po sition free Ke ystroke Mon itoring scheme using a single smartphone. By exploiting the reliable linguistic accountings and the layout of a certain keyboard, we develop a geometrical approach to estimate the relative positions and angles of the smartphone to the keyboard. Our proposed scheme can self-calibrate the position estimation with the continuous acoustic signals. After that, effective keystroke snooping is established based on the Mel-Frequency Cepstral Coefficient and adaptive k -means clustering. We conduct experiments with Samsung S4 smartphones and simulations. The results show that the positioning scheme achieves a high accuracy by 93%, and the keystroke snooping accuracy is improved by 32.6% compared to the existing works.

Published

2018

38. Biometric re-authentication: an approach towards achieving transparency in user authentication

Author

Kakali Chatterjee and Neha

Subjects

Password, User authentication, Authentication, Biometrics, Computer Networks and Communications, Computer science, Data_MISCELLANEOUS, 020207 software engineering, 02 engineering and technology, Transparency (human–computer interaction), Keystroke logging, Computer security, computer.software_genre, Authentication (law), Task (project management), ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, computer, Software

Abstract

Providing fixed re-authentication attempts to the user in case of password mismatch is a very old concept. But as password based authentication mechanisms are prone to many security attacks, user’s biometric properties along with passwords are highly in use for user authentication these days. It will be more secure and convenient if re-authentication influenced by the biometric behavior of the user is applied in the authentication system. It is a challenging task to identify a genuine user using behavioral biometric due to its low repeatability and wide variation. So, to increase the efficiency and robustness of the authentication system in case of score mismatch, the clustering of user’s behavior and assigning different re-authentication attempt to different cluster is needed. In this paper, we have proposed a transparent fixed text, keystroke based user authentication framework, which will enhance the security of traditional password based authentication mechanism. A new classification algorithm and dynamic attempt allocation algorithm have been proposed which will make the authentication system smart enough to provide the genuine user a fare authentication attempt.

Published

2018

39. The impact of application context on privacy and performance of keystroke authentication systems

Author

Mike O'Neal, Azriel Richardson, Aaron Elliott, Paolo Gasti, and Kiran S. Balagani

Subjects

Application Context, 021110 strategic, defence & security studies, Computer Networks and Communications, Computer science, 05 social sciences, 0211 other engineering and technologies, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Authentication (law), Hardware and Architecture, 0501 psychology and cognitive sciences, Safety, Risk, Reliability and Quality, computer, 050107 human factors, Software

Published

2018

40. Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes

Author

Chengyi Zhang, Qihui Zhou, Yazhe Wang, Tian Chen, and Peng Liu

Subjects

lcsh:Computer engineering. Computer hardware, Computer Networks and Communications, Computer science, 0211 other engineering and technologies, lcsh:TK7885-7895, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, lcsh:QA75.5-76.95, Trusted path, Artificial Intelligence, Visor, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Input method, Android (operating system), 021110 strategic, defence & security studies, TrustZone, Android app security, User privacy, lcsh:Electronic computers. Computer science, computer, Software, Information Systems, Soft keyboard

Abstract

Third-party IME (Input Method Editor) apps are often the preference means of interaction for Android users’ input. In this paper, we first discuss the insecurity of IME apps, including the Potentially Harmful Apps (PHAs) and malicious IME apps, which may leak users’ sensitive keystrokes. The current defense system, such as I-BOX, is vulnerable to the prefix substitution attack and the colluding attack due to the post-IME nature. We provide a deeper understanding that all the designs with the post-IME nature are subject to the prefix-substitution and colluding attacks. To remedy the above post-IME system’s flaws, we propose a new idea, pre-IME, which guarantees that “Is this touch event a sensitive keystroke?” analysis will always access user touch events prior to the execution of any IME app code. We design an innovative TrustZone-based framework named IM-Visor which has the pre-IME nature. Specifically, IM-Visor creates the isolation environment named STIE as soon as a user intends to type on a soft keyboard, then the STIE intercepts,Android event sub translates and analyzes the user’s touch input. If the input is sensitive, the translation of keystrokes will be delivered to user apps through a trusted path. Otherwise, IM-Visor replays non-sensitive keystroke touch events for IME apps or replays non-keystroke touch events for other apps. A prototype of IM-Visor has been implemented and tested with several most popular IMEs. The experimental results show that IM-Visor has small runtime overheads.

Published

2018

41. Improved keylogging and shoulder-surfing resistant visual two-factor authentication protocol

Author

Walid I. Khedr

Subjects

Password, 021110 strategic, defence & security studies, Authentication, Computer Networks and Communications, Computer science, 0211 other engineering and technologies, 02 engineering and technology, Multi-factor authentication, Computer security, computer.software_genre, Keystroke logging, Phishing, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Shoulder surfing, Authentication protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Safety, Risk, Reliability and Quality, computer, Software, Vulnerability (computing)

Abstract

Designing a secure user authentication method that involves human in the authentication procedure is a challenging problem. Due to their high user convenience, the password is the most widely used means of authentication. However, passwords are vulnerability to compromise by disclosure using various forms of information tapping like Keylogging, phishing attack, human shoulder-surfing and camera-based recording. This paper starts with an analysis of a previous attempt that proposes two visual authentication protocols to enhance password authentication. These protocols were based on the use of user-driven visualization utilizing two-dimensional barcode and smartphones. Even though the two protocols resist some known types of attacks, our analysis reveals serious shortcomings. The first protocol is not secure against theft of a smartphone. Both protocols are not secure against shoulder surfing, camera-based recording and phishing attacks. In this paper, the deficiencies of the original scheme are demonstrated, then a two-factor authentication scheme that eliminates these deficiencies is presented. A prototype of the proposed scheme is implemented and a secured virtual on-screen keyboard (SVOSK) comprising dynamic emoticon keyboard layout is also proposed. Formal security proof and usability analyses show that the proposed scheme is secure, efficient and has a high level of usability.

Published

2018

42. How Keyloggers Work and How To Defeat Them

Author

Dave Waterson

Subjects

2019-20 coronavirus outbreak, ComputingMilieux_THECOMPUTINGPROFESSION, Coronavirus disease 2019 (COVID-19), Severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2), Computer security, computer.software_genre, Keystroke logging, GeneralLiterature_MISCELLANEOUS, Computer Science Applications, Theoretical Computer Science, Work (electrical), Hardware and Architecture, Security, Business, AcademicSubjects/SCI01640, computer, Software

Abstract

Homeworking policies, necessary to curtail COVID-19, have also had the effect of exposing smaller enterprises to a level of sophisticated cyber-attack ordinarily reserved for large multi-nationals, writes Dave Waterson, CEO of SentryBay.

Published

2021

43. Keylogger Detection and Prevention

Author

Akhilesh kumar singh, Arjun Singh, Dheerendra kumar tyagi, and Pushpa Choudhary

Subjects

History, Computer science, Computer security, computer.software_genre, Keystroke logging, computer, Computer Science Applications, Education

Abstract

Keyloggers are kind of a rootkit malware that catch composed keystroke occasions of the console and save into log record, hence, it can capture delicate data, for example, usernames, PINs, and passwords, in this manner communicates into vindictive assailant without pulling in the consideration of clients. Keyloggers present a significant danger to deals and individual exercises such as E-business, internet banking, email talking, and framework information base. Antivirus programming that is ordinarily used to identify and eliminate known Keyloggers. Nonetheless, it can’t recognize obscure Keyloggers. This paper presents an outline of Keyloggers programs, types, qualities of Keyloggers and philosophy they use. At last we will break down the current discovery procedures, and investigate a few proactive methods.

Published

2021

44. An Efficient Biometric Based Remote User Authentication Technique for Multi-server Environment

Author

Neha and Kakali Chatterjee

Subjects

Multi server, Authentication, User authentication, Biometrics, Computer science, Data_MISCELLANEOUS, Process (computing), 020206 networking & telecommunications, 02 engineering and technology, Keystroke logging, Computer security, computer.software_genre, Computer Science Applications, Task (computing), Keystroke dynamics, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, computer

Abstract

With the increasing demand of remote user authentication process for accessing many Internet based applications, biometrics based authentication mechanisms are highly being adopted. But using biometrics for these authentication mechanisms the features need to be captured and database need to be stored somewhere. Storing such a huge amount of biometric data itself has many security and privacy issues. Like revoking compromised biometric template is impossible. So template security is very important here. But due to low repeatability of biometrics, it is a challenging task to ensure template security while achieving high recognition performance of valid user. Hence, here we have proposed a keystroke based multi-server authentication mechanism which uses bio-hash template security technique. The bio-hash transform a biometric trait in an invariant feature which helps to increase the recognition performance. A comparison of normal keystroke dynamics and bio-hashed keystroke dynamics authentication performance has been done here. The bio-hashed keystroke shows better ERR of 0.15% compared to plain keystroke with 0.231% ERR.

Published

2017

45. ACO-Random Forest Approach to Protect the Kids from Internet Threats through Keystroke

Author

Utpal Roy, Sinha D.D, and Soumen Roy

Subjects

Computer science, General Engineering, 06 humanities and the arts, 010501 environmental sciences, 0603 philosophy, ethics and religion, Keystroke logging, Computer security, computer.software_genre, 01 natural sciences, Random forest, 060301 applied ethics, Web threat, computer, 0105 earth and related environmental sciences

Published

2017

46. Sensor Guardian: prevent privacy inference on Android sensors

Author

Yu-Ping Wang, Jie Yin, and Xiaolong Bai

Subjects

lcsh:Computer engineering. Computer hardware, Computer science, 0211 other engineering and technologies, Inference, lcsh:TK7885-7895, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Accelerometer, lcsh:QA75.5-76.95, Hooking, Android, 0202 electrical engineering, electronic engineering, information engineering, Android (operating system), Instrumentation, Sensor, 021110 strategic, defence & security studies, Protection, business.industry, Privacy protection, 020206 networking & telecommunications, Computer Science Applications, Information sensitivity, Privacy, Embedded system, Signal Processing, Guardian, lcsh:Electronic computers. Computer science, business, computer

Abstract

Privacy inference attacks based on sensor data is an emerging and severe threat on smart devices, in which malicious applications leverage data from innocuous sensors to infer sensitive information of user, e.g., utilizing accelerometers to infer user’s keystroke. In this paper, we present Sensor Guardian, a privacy protection system that mitigates this threat on Android by hooking and controlling applications’ access to sensors. Sensor Guardian inserts hooks into applications by statically instrumenting their APK (short for Android Package Kit) files and enforces control policies in these hooks at runtime. Our evaluation shows that Sensor Guardian can effectively and efficiently mitigate the privacy inference threat on Android sensors, with negligible overhead during both static instrumentation and runtime control.

Published

2017

47. Person Identification by Keystroke Dynamics Using Pairwise User Coupling

Author

Patrick Bours and Soumik Mondal

Subjects

Authentication, Computer Networks and Communications, business.industry, Computer science, 010401 analytical chemistry, 02 engineering and technology, Computer security, computer.software_genre, Machine learning, Keystroke logging, 01 natural sciences, 0104 chemical sciences, Identification (information), Keystroke dynamics, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Pairwise comparison, Artificial intelligence, Safety, Risk, Reliability and Quality, business, computer

Abstract

Due to the increasing vulnerabilities in cyberspace, security alone is not enough to prevent a breach, but cyber forensics or cyber intelligence is also required to prevent future attacks or to identify the potential attacker. The unobtrusive and covert nature of biometric data collection of keystroke dynamics has a high potential for use in cyber forensics or cyber intelligence. In this paper, we investigate the usefulness of keystroke dynamics to establish the person identity. We propose three schemes for identifying a person when typing on a keyboard. We use various machine learning algorithms in combination with the proposed pairwise user coupling technique and show the performance of each separate technique as well as the performance when combining two or more together. In particular, we show that pairwise user coupling in a bottom–up tree structure scheme gives the best performance, both concerning accuracy and time complexity. The proposed techniques are validated by using keystroke data. However, these techniques could equally well be applied to other pattern identification problems. We have also investigated the optimized feature set for person identification by using keystroke dynamics. Finally, we also examined the performance of the identification system when a user, unlike his normal behaviour, types with only one hand, and we show that performance then is not optimal, as was to be expected.

Published

2017

48. Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack

Author

Matan Monitz, Yuval Elovici, and Mordechai Guri

Subjects

021110 strategic, defence & security studies, Bridging (networking), Computer science, 0211 other engineering and technologies, Byte, 02 engineering and technology, Computer security, computer.software_genre, Keystroke logging, Theoretical Computer Science, Attack model, Air gap (networking), Artificial Intelligence, 0202 electrical engineering, electronic engineering, information engineering, Bandwidth (computing), Malware, Cyber-attack, 020201 artificial intelligence & image processing, computer

Abstract

Information is the most critical asset of modern organizations, and accordingly it is one of the resources most coveted by adversaries. When highly sensitive data is involved, an organization may resort to air gap isolation in which there is no networking connection between the inner network and the external world. While infiltrating an air-gapped network has been proven feasible in recent years, data exfiltration from an air-gapped network is still considered one of the most challenging phases of an advanced cyber-attack. In this article, we present “AirHopper,” a bifurcated malware that bridges the air gap between an isolated network and nearby infected mobile phones using FM signals. While it is known that software can intentionally create radio emissions from a video card, this is the first time that mobile phones serve as the intended receivers of the maliciously crafted electromagnetic signals. We examine the attack model and its limitations and discuss implementation considerations such as modulation methods, signal collision, and signal reconstruction. We test AirHopper in an existing workplace at a typical office building and demonstrate how valuable data such as keylogging and files can be exfiltrated from physically isolated computers to mobile phones at a distance of 1--7 meters, with an effective bandwidth of 13--60 bytes per second.

Published

2017

49. AppVeto

Author

Urs Hengartner, Mohammad Mannan, Amr M. Youssef, and Tousif Osman

Subjects

Password, Delegate, ComputerSystemsOrganization_COMPUTERSYSTEMIMPLEMENTATION, business.industry, Computer science, Access control, Permission, Keystroke logging, Computer security, computer.software_genre, Side channel attack, Android (operating system), business, Private information retrieval, computer

Abstract

Modern mobile operating systems such as Android and Apple iOS allow apps to access various system resources, with or without explicit user permission. Running multiple concurrent apps is also commonly supported, although the OS generally maintains strict separation between apps. However, an app can still get access to another app's private information, such as the user input, through numerous side-channels, mostly enabled by having access to permissioned or permission-less (sometimes even unrelated) resources, e.g., inferring keystroke and swipe gestures from a victim app via the accelerometer or gyroscope. Current mobile OSes do not empower an app to defend itself from such implicit interference from other apps; few exceptions exist such as blocking screenshot captures in Android. We propose a general mechanism for apps to defend themselves from any unwanted implicit or explicit interference from other concurrently running apps. Our AppVeto solution enables an app to easily configure its requirements for a safe environment; a foreground app can request the OS to disallow access---i.e., to enable veto powers---to selected side-channel-prone resources to all other running apps for a certain (short) duration, e.g., no access to the accelerometer during password input. In a sense, we enable a finer-grained access control policy than the current runtime permission model, and delegate the responsibility of the resource access decision (for vetoing) from users to app developers. We implement AppVeto on Android using the Xposed framework, without changing Android APIs. Furthermore, we show that AppVeto imposes negligible overhead, while being effective against several well-known side-channel attacks.

Published

2019

50. Biometric Security and Performance Metrics: FAR, FER, CER, FRR

Author

Manivel Kandasamy, M. Sivaram, V. Porkodi, D. Yuvaraj, G. Megala, and Mohamed Uvaze Ahamed. A

Subjects

Password, Authentication, Biometrics, business.industry, Computer science, Data_MISCELLANEOUS, Access control, Computer security, computer.software_genre, Keystroke logging, Identification (information), business, computer, Hand geometry

Abstract

Biometrics manages the computerized acknowledgment of people dependent on natural and social attributes. The example acknowledgment framework perceives an individual by deciding the credibility of a particular conduct normal for person. The primary rule of biometric framework is recognizable proof and check. A biometric confirmation framework use fingerprints, face, hand geometry, iris, and voice, mark, and keystroke elements of a person to recognize an individual or to check a guaranteed character. Biometrics authentication is a form of identification and access control process which identify individuals in packs that are under reconnaissance. Biometric security system increase in the overall security and individuals no longer have to deal with lost ID Cards or forgotten passwords. It helps much organization to see everyone is at a certain time when something might have happened that needs reviewed. The current issues in biometric system with individuals and many organization facing are personal privacy, expensive, data’s may be stolen.

Published

2019