KeyGuard: Using Selective Encryption to Mitigate Keylogging in Third-Party IME

11/19/2020
by   Jia Wang, et al.
0

As mobile devices become ubiquitous, people around the world have enjoyed the convenience they have brought to our lives. At the same time, the increasing security threats that rise from using mobile devices not only have caught attention from cyber security agencies but also have become a valid concern for mobile users. Keylogging is one of the mobile security threats caused by using insecure third-party IME (input method editor) applications. Keylogging, as the name suggests, keeps track of users key events performed on the device and stores all the events in a log. The log could include highly sensitive data such as credit card number, social security number, and passwords. This paper presents a novel solution by intercepting the keystroke events triggered by a user and encrypting them before sending them to the third-party IME, making the third-party IME unable to log what the users actually entered on the screen. Input will be decrypted when showing on text view on the underlying app. This solution addresses the fundamental reason why an IME may leak sensitive information since an IME will no longer have access to the users actual sensitive information, which will greatly reduce the chance of leaking sensitive information by using a third-party IME while maintaining the functionalities of the third-party IME at the same time.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/11/2020

A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices

Currently, Android malware detection is mostly performed on the server s...
research
03/02/2022

Mobile device users' susceptibility to phishing attacks

The mobile device is one of the fasted growing technologies that is wide...
research
08/19/2020

Exposures Exposed: A Measurement and User Study to Assess Mobile Data Privacy in Context

Mobile devices have access to personal, potentially sensitive data, and ...
research
11/11/2019

Authentication of Smartphone Users Using Behavioral Biometrics

Smartphones and tablets have become ubiquitous in our daily lives. Smart...
research
08/07/2023

Eye-Shield: Real-Time Protection of Mobile Device Screen Information from Shoulder Surfing

People use mobile devices ubiquitously for computing, communication, sto...
research
01/30/2020

Towards Designing A Secure Plausibly Deniable System for Mobile Devices against Multi-snapshot Adversaries – A Preliminary Design

Mobile computing devices have been used broadly to store, manage and pro...
research
01/02/2018

The New Threats of Information Hiding: the Road Ahead

Compared to cryptography, steganography is a less discussed domain. Howe...

Please sign up or login with your details

Forgot password? Click here to reset