• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.11-17
• /
• 2018

Hardware Keyloggers are available in a variety of modular keylogger products with small size and Wi-Fi communication capabilities that can be concealed inside the keyboard. Such keyloggers are more likely to leak important information and sensitive information from government, military, business and individuals because they are difficult to detect if they are used by a third party for malicious purposes. However, unlike software keyloggers, research on security solutions and detection methods are relatively small in number. This paper, we investigate security vulnerability caused by hardware keylogger and existing detection methods, and improve the detection possibility of modular hardware keylogger through non-destructive measurement methods, such as power consumption of keyboard, infrared temperature, and X-ray. Furthenmore, We propose a method that can be done with experimental results.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.602-605
• /
• 2015

정보통신의 발달로 인해 우리의 삶을 풍요롭게 해주는 기술들이 많이 생겨났다. 그러나 기술의 발전을 악의적인 목적으로 사용하는 이들이 타인의 정보를 탈취하기 위한 도구를 만들었고, 키로거 역시 그러한 목적을 달성하기 위한 도구 중 하나로 이용되고 있다. 이에 본 논문에서는 기존의 키로거를 소프트웨어 기반과 하드웨어 기반 키로거로 분류한 뒤 하드웨어 키로거의 특징을 언급한다. 그리고 마지막으로 기존의 탐지방법으로 탐지되지 않는 하드웨어 기반의 키로거의 탐지방법에 대해 설명한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.817-820
• /
• 2015

본 논문에서는 국내 모바일 간편 결제 서비스 카카오페이(KakaoPay)의 보안취약점을 분석한다. 이를 위해, 본 연구에서는 모바일 간편 결제 서비스 키패드의 터치 좌표값을 추출하는 키로거 앱(key logger application)을 개발하였다. 키로거 앱을 이용해 사용자가 카카오페이 서비스의 비밀번호를 누를 때 비밀번호가 출력되는 화면 좌표값을 알아내고, 확률분석기법을 통해 추출한 화면 좌표값으로 결제용 비밀번호를 유추해냄으로써, 카카오페이 서비스의 보안 취약점을 도출하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.959-962
• /
• 2006

최근 고객의 컴퓨터와 개인 정보를 보호하기 위하여 개인용 컴퓨터 방화벽과 바이러스 백신의 사용이 점차 증가하고 있다. 그러나 개인용 컴퓨터 방화벽과 바이러스 백신은 이미 존재하거나 발견된 해킹 툴과 바이러스에 대해서만 개인 정보를 보호하기 때문에 한계가 존재한다. 따라서 원천적으로 개인 정보의 유출을 막을 수 있는 솔루션이 필요하다. 그 대표적인 것이 키로그(Keylog) 해킹방지 시스템이다. 이 시스템에서는 키보드의 입력을 암호화하거나 별도의 키보드 드라이버를 생성하여 개인 정보를 보호한다. 하지만 암호화하기 전 단계인 하드웨어 단계에서 개인 정보 유출과 오류로 인한 시스템의 미설치의 문제점이 여전히 존재한다. 본 논문에서는 웹사이트에서 발생하는 이러한 문제점들을 극복하기 위한 하나의 방법으로 KLD(Keyboard Logger Defense) 시스템을 제안하였다. 이 시스템은 키보드 사용으로 발생되는 근본적인 문제점을 해결하기 위하여 웹기반 마우스 입력방식을 사용하였고, 테스트 결과 기존 키로거(Keylogger) 프로그램에 대해서 입력한 키 데이터가 보호됨을 알 수 있었다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.367-369
• /
• 2004

허니팟은 공격자들이 쉽게 공격할 수 있는 시스템이나 네트워크를 구성하여, 악성해커나 스크립트 키드들이 어떻게 시스템을 침입하고 공격하는지 감시할 수 있도록 구성되어 있는 시스템을 말한다. 일반적으로 허니팟은 방화벽과 로그 기록 등으로 감사기능을 수행하는데, 악성해커는 그 로그마저 복구할 수 없도록 삭제하는 경우도 있기 때문에 독립적인 추적 시스템이 필요하다. 본 논문에서는 LKM(Linux Kernel Module)기법을 이용한 키로거를 통해 공격자가 세션 상에서 입력하는 모든 키보드 내용을 기록하여 공격자의 행동을 쉽고 빠르게 분석하는 원격 키스트로크 모니터링 시스템을 설계해 보았다.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.15-21
• /
• 2013

Due to the widespread propagation of mobile platforms such as smartphones and tablets, financial and e-commercial transactions based on these mobile platforms are growing rapidly. Unlike PCs, almost all mobile platforms do not provide physical keyboards or mice but provide virtual keypads using touchscreens. For this reason, an attacker attempts to obtain the coordinates of touches on the virtual keypad in order to get actual key values. To tackle this vulnerability, financial applications for mobile platforms use secure keypads, which change position of each key displayed on the virtual keypad. However, these secure keypads cannot protect users' private information more securely than the virtual keypads because each key has only 2 or 3 positions and moreover its probability distribution is not uniform. In this paper, we analyze secure keypads used by the most financial mobile applications, point out the limitation of the previous research, and then propose a more general and accurate attack method on the secure keypads.

• Journal of Korea Multimedia Society
• /
• v.14 no.1
• /
• pp.15-23
• /
• 2011

In this paper, we propose a keyboard security method that is based on a subclassing. This method doesn't need an additional hardware and can be applied to Web browsers that do not support ActiveX controls. As the users of Web browsers such as Firefox, Safari, Chrome etc. are increased, it is more required to have the keyboard security methods that are based on software and don't use ActiveX controls. Thus we developed the user mode keyboard security method that is based on a subclassing with plugins. Our method doesn't need an additional hardware module and is interoperable with general kernel mode security programs.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.2 s.46
• /
• pp.171-180
• /
• 2007

The financial crime that used morale anger Phishing, Pharming, Vishing, SMiSing etc. will gain during recent cyber crimes. We are study systematically whether or not leakage of information and infringement can how easily occur to Phishing, Vishing, SMiSing using a social engineering technique and VoIP at these papers through experiment. A hacker makes Phishing, Vishing site, and test an information infringement process of a user through PiSing mail and a virus, a nasty code, Vishing, a SMiSing character, disarmament of Keylogger prevention S/W etc. as establish server. Information by Phishing, Vishing, SMiSing is infringed with leakage in the experiment results, and confirm, and test certified certificate and White List and a certified authentication mark, plug-in program installation etc. to prevention, and security becomes, and demonstrate. Technical experiment and prevention regarding Phishing of this paper and Vishing attack reduce the damage of information infringement, and be education for Ubiquitous information security will contribute in technical development.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.9
• /
• pp.65-73
• /
• 2012

The traditional text-based password is vulnerable guessing, dictionary attacks, keyloggers, social engineering, stole view, etc. these vulnerability effect more serious problem in a mobile environment. In this study, By using the pattern number to enter the password of an existing four-digit numeric password, User easily use to new password system. The technology on pattern based numerical password authorization proposed in this paper would intensify the security of password which holds existing 10 numbers of cases by authorizing a user and would not invade convenience of use by providing high security and making users memorize only four numbers like old method. Making users not have inconvenience and raising complexity, it would have a strength to an shoulder surfing attack of an attacker. So I study password system that represents the shape-based of number. I propose the new password system to prevent peeking attacks and Brute-force attack, and this proposal is to review the security and usability.

• The Journal of the Korea Contents Association
• /
• v.11 no.4
• /
• pp.33-41
• /
• 2011

Although conventional text-based passwords are used as the most common authentication method, they have significant drawbacks such as guess attacks, dictionary attacks, key loggers, and shoulder-surfing. To address the vulnerabilities of traditional text-based passwords, graphical password schemes have been developed as possible alternative solutions, but they have a potential drawback that they are more vulnerable to shoulder-surfing than conventional text-based passwords. In this paper, we present a new Hangul password input method to prevent shoulder-surfing attacks. Our approach uses Hangul as a password, and it requires the users to locate their password in the given wheeling password grid instead of entering the password. Our approach makes it difficult for attackers to observe a user's password since the system shows the users' passwords with decoy characters as the noise on the screen. Also, we provide security analysis for random attacks, dictionary attacks, and shoulder-surfing attacks, and it shows that our password system is robust against these attacks.