A QTE-based Solution to Keylogger Attacks

Hung, Chien-Wei; Hsu, Fu-Hau; Chen, Shih-Jen; Tso, Chang-Kuo; Hwang, Yan-Ling; Lin, Po-Ching; Hsu, Li-Pin

Home // SECURWARE 2012 , The Sixth International Conference on Emerging Security Information, Systems and Technologies // View article

A QTE-based Solution to Keylogger Attacks

Authors:
Chien-Wei Hung
Fu-Hau Hsu
Shih-Jen Chen
Chang-Kuo Tso
Yan-Ling Hwang
Po-Ching Lin
Li-Pin Hsu

Keywords: Authentication, computer security, keylogger, privacy

Abstract:
Nowadays keystroke logging is one of the most widespread threats used for password theft. In this paper, rather than detecting existing malware or creating a trusted tunnel in the kernel, we present a different method QTE (Quick Time Events) to protect the password that a user provides for a web page to login to a web service. Installing such solutions in a host only requires limited privileges of related computers. The QTE method utilizes a canvas to cue users when their input will be recorded or ignored by the QTE add-on, which provides a chance for users to obfuscate keyloggers by inserting meaningless letters among the keystrokes of their passwords. QTE can be applied to all websites without any modification of them.

Pages: 62 to 67

Copyright: Copyright (c) IARIA, 2012

Publication date: August 19, 2012

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-209-7

Location: Rome, Italy

Dates: from August 19, 2012 to August 24, 2012