• Convergence Security Journal
• /
• v.7 no.2
• /
• pp.65-71
• /
• 2007

Recently, security softwares are the program that is to protect the users from hackers in using electronic financial services. However heackers commit financial crimes to extort asserts using known hacking skills. In our paper, we analyse vulnerability that can be used to hook financial information in user application area and explain end-to-end encryption which is able to be provided by interacting keyboard security program and PKI application program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.177-182
• /
• 2011

This paper introduces a possibility for attackers to acquire the keyboard scan codes through using the RESEND command provided by the keyboard hardware itself, based on the PS/2 interface that is a dominant interface for input devices. Accordingly, a keyboard sniffing program using the introduced vulnerability is implemented to prove the severeness of the vulnerability, which shows that user passwords can be easily exposed. As one of the intrinsic vulnerabilities found on the existing platforms, for which there were little considerations on the security problems when they were designed, it is required to consider a hardware approach to countermeasure the introduced vulnerability.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.55-62
• /
• 2006

It is growing to use the E-Commerce, recently However, if a cracking tool that detects e keyboard input is set up, users' input values and personal information could be taken away. This paper shows the design and implementation of security system that prevent the keyboard input information leaking. The ideas of thus paper are encrypting the keyboard input values with using the keyboard interrupt hooking, the browser embedding program's decrypting the values in case of need and decrypting all values in the web server. The own input control was developed for direct attacks to the browser, and that the values of password fields which are showed as *(asterisk character) won't be decrypted in the client PC is different from other commercial keyboard input security systems. Consequently, this paper shows the chance of realizing a lot safer customer information protective system than before.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1483-1492
• /
• 2016

Ducky USB is one of rarely-known keyboard-emulating BadUSBs. The attacking strategy using Ducky USB is taking and executing the scripted keystroke automatically whenever the USB is inserted into PC. Prior works exhibit some problems such as performance loss and additional device requirement. To solve this problem, this paper devised a countermeasure program to efficiently block the Duck USB in Windows. The experiment proves its effectiveness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.941-950
• /
• 2015

Internet banking is widely used in our life with the development of the internet. At the same time, phishing attacks to internet banking have been increased by using malicious object to make unfair profit. People using internet banking service in Korea is required to install security modules such as anti-virus and keyboard protection. However phishing attack technique has been progressed and the advanced technique such as memory hacking defeats the security module of internet banking service. In this paper, we describe internet banking security modules provided by Korean internet banks and analyze how keyboard encryption module works. And we propose an attack to manipulate account transfer information using javascript. Although keyboard protection module provides two functions that protect leakage and manipulation of account transfer information submitted by users against the malicious program of hackers. Our proposed technique can manipulate the account transfer information and result html pages.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.77-84
• /
• 2012

Recent Security Programs are widely used to improve the security of Client Systems in the Web authentication. Security Program is provide the function of the Keyboard Security and Certificate Management, Vaccines, Firewall. in particular, This Security Program has been used Financial Institutions and Government Agencies, and some private corporate Home Page. and ActiveX is used to install the Security Program. but Security Programs caused by several security vulnerabilities and problems as they appear, are threat to the stability of the Client System. Therefore, This paper will be analyzed through Case Studies and Experiments to the Vulnerabilities and Problems of Security Program and This Is expected to be utilized to further improve the performance of the Security Program and the building of a new Certification Scheme for material in the future.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.63 no.11
• /
• pp.1571-1574
• /
• 2014

In this paper, we propose a unidirectional transmission of critical information obtained by keyboard hacking or kernel and keyboard driver hacking even though the computer is not connected to the external network. We show the hacking can be attempted in the proposed method to show the way preventing such attempts in advance. Firewalls and other various methods are used to prevent the hacking from the external network but the hacking is also attempted in various ways to detour the firewall. One of the most effective way preventing from the hacking attack is physically disconnect the internal intranet systems from the external internet and most of the government systems, military systems and big corporate systems are using this way as on one of the protection method. In this paper, we show the feasibility of transmission of security codes, etc via the short message to the external network on the assumption that a hacking program such as Trojan Horse is installed on the computer systems separated from the external network. Previous studies showed that the letters on the monitor can be hijacked by electromagnetic analysis on the computer to obtain the information even though the system is not connected ti the network. Other studies showed that the security code hint can obtained by analyzing the power consumption distribution of CPU. In this paper, the power consumption distribution of externally accessible power line is analyzed to obtain the information and the information can be transmitted to the external network. Software controlling the CPU and GPU usage is designed to control the power supply of computer. The sensors such as the Rogowski coils can be used on the external power line to collect the data of power consumption change rates. To transmit the user password by short message, due to the capacitive components and the obstacle from other power supply, A very slow protocol are used.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.161-170
• /
• 2024

With the technological advances, the humans have made so much progress in the ease of living and now incorporating the use of sight, motion, sound, speech etc. for various application and software controls. In this paper, we have explored the project in which gestures plays a very significant role in the project. The topic of gesture control which has been researched a lot and is just getting evolved every day. We see the usage of computer vision in this project. The main objective that we achieved in this project is controlling the computer settings with hand gestures using computer vision. In this project we are creating a module which acts a volume controlling program in which we use hand gestures to control the computer system volume. We have included the use of OpenCV. This module is used in the implementation of hand gestures in computer controls. The module in execution uses the web camera of the computer to record the images or videos and then processes them to find the needed information and then based on the input, performs the action on the volume settings if that computer. The program has the functionality of increasing and decreasing the volume of the computer. The setup needed for the program execution is a web camera to record the input images and videos which will be given by the user. The program will perform gesture recognition with the help of OpenCV and python and its libraries and them it will recognize or identify the specified human gestures and use them to perform or carry out the changes in the device setting. The objective is to adjust the volume of a computer device without the need for physical interaction using a mouse or keyboard. OpenCV, a widely utilized tool for image processing and computer vision applications in this domain, enjoys extensive popularity. The OpenCV community consists of over 47,000 individuals, and as of a survey conducted in 2020, the estimated number of downloads exceeds 18 million.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.119-122
• /
• 2012

Keylogger by using Hooking techniques will lead and the keyboard when inputting, private data it uses Sniffing techniques and it meat the fact that it is seized. This program the classified document where the password or the counterpart of specific program draw up or even E-mail contents or great disaster original contents confirmation it is possible it is a technique which is simple but at the slightest slip fatal one is in the use person. It considered the security book about hereupon and it studied and it made it was made to advance and with subject of character dissertation.