Defend a system against keyloggers with a privilege-limited account

Chien Wei Hung, Fu Hau Hsu, Shih Jen Chen, Yan Ling Hwang, Chang Kuo Tso, Li Pin Hsu

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Nowadays keystroke logging is one of the most widespread threats used for password theft. In this paper, rather than detecting existing malware or creating a trusted tunnel in the kernel, we present a method called Broker to protect the password that a user provides for a web page to login to a web service. Installing such solutions in a host only requires limited privileges of related computers. The Broker method uses a second device and the Broker server to safely transfer users' account-related information. Comparing with previous work, the Broker method successfully separates user names and passwords so that even a second device and the Broker server are compromised, users still will not leak their private information to attackers. Finally, the Broker method can be applied to all websites without any modification of them.

Original languageEnglish
Title of host publicationInnovation for Applied Science and Technology
Pages3385-3389
Number of pages5
DOIs
StatePublished - 2013
Event2nd International Conference on Engineering and Technology Innovation 2012, ICETI 2012 - Kaohsiung, Taiwan
Duration: 2 Nov 20126 Nov 2012

Publication series

NameApplied Mechanics and Materials
Volume284-287
ISSN (Print)1660-9336
ISSN (Electronic)1662-7482

Conference

Conference2nd International Conference on Engineering and Technology Innovation 2012, ICETI 2012
Country/TerritoryTaiwan
CityKaohsiung
Period2/11/126/11/12

Keywords

  • Authentication
  • Computer security
  • Keylogger
  • Privacy

Fingerprint

Dive into the research topics of 'Defend a system against keyloggers with a privilege-limited account'. Together they form a unique fingerprint.

Cite this