(3.231.226.13) 您好!臺灣時間:2020/05/27 00:43
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
本論文永久網址: 
line
研究生:洪健惟
研究生(外文):Chien-wei Hung
論文名稱(外文):KKBB: Kernel Keylogger Bye-Bye
指導教授:許富皓
指導教授(外文):Fu-hau Hsu
學位類別:碩士
校院名稱:國立中央大學
系所名稱:資訊工程研究所
學門:工程學門
學類:電資工程學類
論文出版年:2011
畢業學年度:99
語文別:英文
論文頁數:34
中文關鍵詞:鍵盤側錄按鍵密碼安全監聽
外文關鍵詞:keyloggerkeystroke loggingpasswordsecuritysniffer
相關次數:
  • 被引用被引用:0
  • 點閱點閱:140
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
  儘管偷竊隱私的手法不斷翻新,鍵盤側錄在實際的案例中仍是名列前茅。攻擊者可以藉由側錄程式得到使用者的密碼,並直接偽裝成使用者偷竊資訊,這在公用電腦上尤其可見。然而,目前的防禦措施仍因要求權限過高、速度緩慢、或是只適用於特定服務等問題,而無法廣泛應用於公共電腦。為此,我們提出了兩種能在網頁瀏覽器中,以一般使用者權限防止多種鍵盤側錄程式的方法,並分別將這兩種方法命名為QTE(Quick Time Event,快速反應事件)和Broker。
  QTE法是利用在螢幕上顯示一些特別的提示,讓使用者知道何時可以輸入正確的密碼、何時可以隨意輸入以混淆鍵盤側錄程式,但又不會影響到原本的功能。儘管QTE法能成功混淆大部份的鍵盤側錄程式,但若攻擊者決定不惜成本地對螢幕錄影並人工分析,使用者的密碼仍有可能被猜測出來,這在要求機密的情境下並不完善;為此,我們另外提出了Broker法,讓使用者只需利用一個具有網路能力的裝置,就能經由Broker伺服器將資訊傳給公用電腦、並保證竊聽者無法獲得真正內容。相較於前人的研究,我們的方法不僅可以通用於各個網站,不需要對方支援;同時因為我們成功地把帳號和密碼分散儲存,因此,即使使用者的裝置或Broker伺服器被攻擊者入侵成功,使用者的隱私一樣不會被洩露出去。
  Keystroke logging is one of the most widespread threats used for password theft in the world. In this paper, rather than detecting existing malwares or creating a trusted tunnel in the kernel, we present both QTE and Broker methods to safely input passwords in web browsers according to different scenarios. To fit real circumstances, we assume users have limited privileges on the untrusted public computers and they don’t want their passwords being eavesdropped; therefore, a user-space solution is proposed firstly as QTE method.
  The QTE method utilizes a canvas to cue users whether their input will be remembered or ignored by our add-on, which provides a chance for users to obfuscate keyloggers by tapping keyboards haphazardly. Despite QTE method is immune to most kernel, hypervisor, hardware, and second-channel keyloggers, it may be ineffective if screen recording is taken by attackers. To eliminate password leakage, the Broker method uses a second device and a Broker server to safely transfer information for users. In contract with previous works, our design successfully separates username and password so that even the second devices and the Broker servers are compromised, users won’t lose their private data to attackers. Furthermore, both methods we proposed can be applied to all websites without their support or users’ settings beforehand.
摘 要
Abstract
Acknowledgements
Table of Contents
List of Figures
List of Tables
1. Introduction
2. Related Work
 2-1. Signature-Based Solutions
 2-2. Encryption and Decryption
 2-3. Graphical Password and On-Screen Keyboard
 2-4. One-Time Password
 2-5. Proxy Server
3. System Design
 3-1. QTE Method
  3-1-1. Analysis
  3-1-2. Preliminary QTE Utilization
  3-1-3. Enhanced QTE Utilization
 3-2. Broker Method
  3-2-1. Architecture Overview
  3-2-2. Risk Analysis
4. Implementation
 4-1. QTE Method
 4-2. Broker Method
  4-2-1. Broker Client
  4-2-2. Second Device
  4-2-3. Broker Server
5. Evaluation
 5-1. Experiments
 5-2. Estimated Attacking Time
6. Conclusions
 6-1. Contributions
 6-2. Future Work
References
﹝1﹞Symantec, Symantec Internet Security Threat Report: Trends for 2010, 2011.
﹝2﹞BBC News, UK police foil massive bank theft, BBC News, March 17, 2005.
﹝3﹞InfoWatch, Global Data Leakage Report 2010, 2011.
﹝4﹞Perry S. Kivolowitz, A Program To Allow ANYONE To Crack Unix (4.1 and 2), Available from: http://securitydigest.org/unix/archive/006, November 17, 1983.
﹝5﹞Stefano Ortolani, Cristiano Giuffrida, and Bruno Crispo, Bait your hook: a novel detection technique for keyloggers, Proceedings of the 13th international conference on Recent advances in intrusion detection, Ottawa, Ontario, Canada, 2010.
﹝6﹞Wuul, Log This!, 2008.
﹝7﹞Wuul, AntiKeylogger, 2007.
﹝8﹞SpyReveal, SpyReveal, 2009.
﹝9﹞Fabian Mihailowitsch, Detecting Hardware Keylogger, 2010.
﹝10﹞Frank J. Cini, Keystroke Encryption System, Application Number: 20100195825, 2010.
﹝11﹞Michael Kassner, KeyScrambler: How keystroke encryption works to thwart keylogging threats, Available from: http://www.techrepublic.com/blog/security/keyscrambler-how-keystroke-encryption-works-to-thwart-keylogging-threats/4648, October 25, 2010.
﹝12﹞A. Young and Yung Moti, Deniable password snatching: on the possibility of evasive electronic espionage, IEEE Symposium on Security and Privacy, pp. 224-235, 1997.
﹝13﹞Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter, Bump in the ether: a framework for securing sensitive user input, Proceedings of the annual conference on USENIX ''06 Annual Technical Conference, Boston, MA, 2006.
﹝14﹞R. L. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems", Communications of the ACM, 21, 2, pp. 120-126, 1978.
﹝15﹞M. Hirano, et al., T-PIM: Trusted Password Input Method against Data Stealing Malware, International Conference on Information Technology, pp. 429-434, 2009.
﹝16﹞K. Chen, Reversing and Exploiting an AppleR Firmware Update, Black Hat, Las Vegas, Nevada, 2009.
﹝17﹞Li Zhuang, Feng Zhou, and J. D. Tygar, Keyboard acoustic emanations revisited, Proceedings of the 12th ACM conference on Computer and communications security, Alexandria, VA, USA, 2005.
﹝18﹞Yigael Berger, Avishai Wool, and Arie Yeredor, Dictionary attacks using keyboard acoustic emanations, Proceedings of the 13th ACM conference on Computer and communications security, Alexandria, Virginia, USA, 2006.
﹝19﹞Andrew Kelly, Cracking Passwords using Keyboard Acoustics and Language Modeling, The University of Edinburgh, Master, 2010.
﹝20﹞Martin Vuagnoux and Sylvain Pasini, Compromising electromagnetic emanations of wired and wireless keyboards, Proceedings of the 18th conference on USENIX security symposium, Montreal, Canada, 2009.
﹝21﹞Kehuan Zhang and XiaoFeng Wang, Peeping tom in the neighborhood: keystroke eavesdropping on multi-user systems, Proceedings of the 18th conference on USENIX security symposium, Montreal, Canada, 2009.
﹝22﹞Andrea Barisani and Daniele Bianco, Sniff Keystrokes With Lasers/Voltmeters - Side Channel Attacks Using Optical Sampling Of Mechanical Energy And Power Line Leakage, DEFCON 17, Riviera Hotel and Casino, 2009.
﹝23﹞M. N. Doja and N. Kumar, Image Authentication Schemes against Key-Logger Spyware, ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, pp. 574-579, 2008.
﹝24﹞Hu Wei, Wu Xiaoping, and Wei Guoheng, The Security Analysis of Graphical Passwords, International Conference on Communications and Intelligence Information Security, pp. 200-203, 2010.
﹝25﹞Elizabeth Stobert, et al., Exploring usability effects of increasing security in click-based graphical passwords, Proceedings of the 26th Annual Computer Security Applications Conference, Austin, Texas, 2010.
﹝26﹞Amos P. Waterland, Secure password entry, Application Number: 10/849,610, 2009.
﹝27﹞Kaspersky Lab., Kaspersky Internet Security 2009 includes a virtual keyboard that enables users to enter logins and passwords safely, Available from: http://www.kaspersky.com/news?id=207575675, August 22, 2008.
﹝28﹞Douglas Hoover, Method and apparatus for secure entry of access codes in a computer environment, US Patent No. 6,209,102, Application Number: 09/249,043, 2001.
﹝29﹞Jake Brill, More Ways to Stay Secure, Available from: http://blog.facebook.com/blog.php?post=436800707130.
﹝30﹞Nishit Shah, Advanced sign-in security for your Google account, Available from: http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html.
﹝31﹞Min Wu, Simson Garfinkel, and Rob Miller, Secure Web Authentication with Mobile Phones, DIMACS Workshop on Usable Privacy and Security Software, 2004.
﹝32﹞A. Pashalidis and C. J. Mitchell, Impostor: a single sign-on system for use from untrusted devices, IEEE GLOBECOM, pp. 2191-2195 Vol.4, 2004.
﹝33﹞Eric Gieseke and John McLaughlin, Title, Available from: http://simson.net/ref/2004/csci_e-170/handouts/final/egieseke-john_mclaughlin_paper.pdf, Harvard University Extension, 2005.
﹝34﹞A. Pashalidis, Accessing Password-Protected Resources without the Password, WRI World Congress on Computer Science and Information Engineering, pp. 66-70, 2009.
﹝35﹞Florencio Dinei and Herley Cormac, KLASSP: Entering Passwords on a Spyware Infected Machine Using a Shared-Secret Proxy, Computer Security Applications Conference, 2006. ACSAC ''06. 22nd Annual, pp. 67-76, 2006.
﹝36﹞Tim Rogers, Full Reactive Eyes Entertainment, Game Developer, December, 2010.
﹝37﹞Radicati Group, Email Statistics Report, 2010-2014, 2010.
﹝38﹞KZero, Virtual Worlds 2011+, 2011.
﹝39﹞Miniwatts Marketing Group, World Internet Usage abd Population Statistics, Available from: http://www.internetworldstats.com/stats.htm, March 31, 2011.
﹝40﹞National Institute of Standards and Technology, Advanced Encryption Standard, Federal Information Processing Standards-197, USA, 2001.
﹝41﹞Inc. Apple Computer, Mozilla Foundation, and Opera Software ASA., HTML Living Standard, http://www.whatwg.org, 2011.
﹝42﹞Damballa, Top 10 Botnet Threat Report - 2010, 2011.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔