Keyloggers are a prominent class of malicious software that surreptitiously logs all the user activity. Traditional approaches aim to eradicate this threat by either preventing or detecting their deployment. In this paper, we take a new perspective to this problem: we explore the possibility of tolerating the presence of a keylogger, while making no assumption on the keylogger internals or the system state. The key idea is to confine the user keystrokes in a noisy event channel flooded with artificially generated activity. Our technique allows legitimate applications to transparently recover the original user keystrokes, while any deployed keylogger is exposed to a stream of data statistically indistinguishable from random noise. We evaluate our solution in realistic settings and prove the soundness of our noise model. We also verify that the overhead introduced is acceptable and has no significant impact on the user experience.
Scheda prodotto non validato
I dati visualizzati non sono stati ancora sottoposti a validazione formale da parte dello Staff di IRIS, ma sono stati ugualmente trasmessi al Sito Docente Cineca (Loginmiur).
Titolo: | NoisyKey: Tolerating Keyloggers via Keystrokes Hiding |
Autori: | Stefano Ortolani; Bruno Crispo |
Autori Unitn: | |
Titolo del volume contenente il saggio: | 7th USENIX Workshop on Hot Topics in Security, HotSec'12 |
Luogo di edizione: | New York |
Casa editrice: | USENIX Association |
Anno di pubblicazione: | 2012 |
Handle: | http://hdl.handle.net/11572/124679 |
Appare nelle tipologie: | 04.1 Saggio in atti di convegno (Paper in proceedings) |