The deceptive behaviors that offend us most about spyware
Communications of the ACM - Spyware
| Hi-index | 0.00 |
Traditional authentication systems used to protect access to online services are vulnerable by using various types of keyboard hacking tools at application-level and kernel-level. This study has been carried out for the purpose to secure keyboard input information at end to end area between the keyboard hardware and the computer main system. For this, we found out security vulnerabilities at kernel-level in accordance with the input information processing procedure by using risk analysis based technology methodology. To secure derived vulnerabilities we have designed a couple of detailed system components such as debug interrupt exception processing, `JUMP' code insertion, keyboard input encryption and direct transmission. As the consequence of security evaluation on our proposed technologies, we have got experiment results better than literature studies in the confidentiality experiment and the comparison experiment (regarding authentication and access control) about various information invasion tools. We expect that our research would be able to contribute to follow-up study not only to prevent leaking about keyboard input information but also to secure important information in ubiquitous commerce applications.