中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/48426
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 82005/82005 (100%)
Visitors : 51934728      Online Users : 3037
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://ir.lib.ncu.edu.tw/handle/987654321/48426


    Title: none KKBB: Kernel Keylogger Bye-Bye
    Authors: 洪健惟;Chien-wei Hung
    Contributors: 資訊工程研究所
    Keywords: 鍵盤側錄;按鍵;密碼;安全;監聽;keylogger;keystroke logging;password;security;sniffer
    Date: 2011-07-24
    Issue Date: 2012-01-05 14:54:29 (UTC+8)
    Abstract: 儘管偷竊隱私的手法不斷翻新,鍵盤側錄在實際的案例中仍是名列前茅。攻擊者可以藉由側錄程式得到使用者的密碼,並直接偽裝成使用者偷竊資訊,這在公用電腦上尤其可見。然而,目前的防禦措施仍因要求權限過高、速度緩慢、或是只適用於特定服務等問題,而無法廣泛應用於公共電腦。為此,我們提出了兩種能在網頁瀏覽器中,以一般使用者權限防止多種鍵盤側錄程式的方法,並分別將這兩種方法命名為QTE(Quick Time Event,快速反應事件)和Broker。   QTE法是利用在螢幕上顯示一些特別的提示,讓使用者知道何時可以輸入正確的密碼、何時可以隨意輸入以混淆鍵盤側錄程式,但又不會影響到原本的功能。儘管QTE法能成功混淆大部份的鍵盤側錄程式,但若攻擊者決定不惜成本地對螢幕錄影並人工分析,使用者的密碼仍有可能被猜測出來,這在要求機密的情境下並不完善;為此,我們另外提出了Broker法,讓使用者只需利用一個具有網路能力的裝置,就能經由Broker伺服器將資訊傳給公用電腦、並保證竊聽者無法獲得真正內容。相較於前人的研究,我們的方法不僅可以通用於各個網站,不需要對方支援;同時因為我們成功地把帳號和密碼分散儲存,因此,即使使用者的裝置或Broker伺服器被攻擊者入侵成功,使用者的隱私一樣不會被洩露出去。   Keystroke logging is one of the most widespread threats used for password theft in the world. In this paper, rather than detecting existing malwares or creating a trusted tunnel in the kernel, we present both QTE and Broker methods to safely input passwords in web browsers according to different scenarios. To fit real circumstances, we assume users have limited privileges on the untrusted public computers and they don’t want their passwords being eavesdropped; therefore, a user-space solution is proposed firstly as QTE method.   The QTE method utilizes a canvas to cue users whether their input will be remembered or ignored by our add-on, which provides a chance for users to obfuscate keyloggers by tapping keyboards haphazardly. Despite QTE method is immune to most kernel, hypervisor, hardware, and second-channel keyloggers, it may be ineffective if screen recording is taken by attackers. To eliminate password leakage, the Broker method uses a second device and a Broker server to safely transfer information for users. In contract with previous works, our design successfully separates username and password so that even the second devices and the Broker servers are compromised, users won’t lose their private data to attackers. Furthermore, both methods we proposed can be applied to all websites without their support or users’ settings beforehand.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML548View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明