• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.187-194
• /
• 2008

This paper proposes an effective countermeasure to an intrinsic hardware vulnerability of the keyboard controller that causes sniffing problem on the password authentication system based on the keyboard input string. Through the vulnerability, some possible attacker is able to snoop whole the password string input from the keyboard even when any of the existing keyboard protection software is running. However, it will be impossible for attackers to gather the exact password strings if the proposed policy is applied to the authentication system though they can sniff the keyboard hardware protocol. It is expected that people can use secure Internet commerce after implementing and applying the proposed policy to the real environment.

• 한국HCI학회:학술대회논문집
• /
• 2009.02a
• /
• pp.245-252
• /
• 2009

We present a design for personalisation of a chording keyboard. There are two primary design goals. Firstly, the keyboard layout should be easy to learn, and easy to use, taking into account the background and physical constraints of the user. Secondly, the keyboard layout should be readily extensible, based on the previous behaviour of the keyboard user. The design proposal accomplishes these goals, and can be simply implemented on cost-effective hardware. In addition, we present preliminary experimental results on optimising the initial keyboard layout.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.177-182
• /
• 2011

This paper introduces a possibility for attackers to acquire the keyboard scan codes through using the RESEND command provided by the keyboard hardware itself, based on the PS/2 interface that is a dominant interface for input devices. Accordingly, a keyboard sniffing program using the introduced vulnerability is implemented to prove the severeness of the vulnerability, which shows that user passwords can be easily exposed. As one of the intrinsic vulnerabilities found on the existing platforms, for which there were little considerations on the security problems when they were designed, it is required to consider a hardware approach to countermeasure the introduced vulnerability.

• Journal of Korea Multimedia Society
• /
• v.8 no.1
• /
• pp.101-110
• /
• 2005

Recently software keyboard is widely used in mobile devices where restrictive hardware keyboard is available. In this paper, new software-driven keyboard input method is proposed, which use minimum number of keyboard input with small keyboard space generated after analyzing of database. In this software keyboard is generated dynamically at each input step by analyzing all possible input words. Software keyboard, only possible key buttons are displayed for minimizing keyboard space and preventing mistyping. And it also provide input word completion function when the number of the candidate words is within threshold scope.

• ETRI Journal
• /
• v.35 no.6
• /
• pp.1160-1163
• /
• 2013

Herein, we propose a novel method to create multidirectional and multilevel pointing input using only a hardware keyboard. The relative position vectors among pressed keys are calculated into an input vector. The pointing performance of this method is evaluated based on the ISO 9241-9 recommendations. We find that the performance of the method is sufficient to create moderate pointing input, as the measurement of the throughput is close to that of a touchpad, as measured in past studies also using the ISO 9241-9 recommendations.

• Journal of Korea Multimedia Society
• /
• v.14 no.1
• /
• pp.15-23
• /
• 2011

In this paper, we propose a keyboard security method that is based on a subclassing. This method doesn't need an additional hardware and can be applied to Web browsers that do not support ActiveX controls. As the users of Web browsers such as Firefox, Safari, Chrome etc. are increased, it is more required to have the keyboard security methods that are based on software and don't use ActiveX controls. Thus we developed the user mode keyboard security method that is based on a subclassing with plugins. Our method doesn't need an additional hardware module and is interoperable with general kernel mode security programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.89-95
• /
• 2008

This paper analyzes the intrinsic vulnerability problems of the authentication system for Internet commerce based on the ID and password strings gathered from the computer keyboard. Through the found vulnerability, it is easy to sniff user passwords as well as any other keyboard inputs even when each of the existing keyboard protection softwares is running. We propose several countermeasures against the possible attacks to the vulnerability at both points of the hardware and the software concerns. The more secure environment for Internet commerce is highly required by implementing the proposed countermeasures.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.11-17
• /
• 2018

Hardware Keyloggers are available in a variety of modular keylogger products with small size and Wi-Fi communication capabilities that can be concealed inside the keyboard. Such keyloggers are more likely to leak important information and sensitive information from government, military, business and individuals because they are difficult to detect if they are used by a third party for malicious purposes. However, unlike software keyloggers, research on security solutions and detection methods are relatively small in number. This paper, we investigate security vulnerability caused by hardware keylogger and existing detection methods, and improve the detection possibility of modular hardware keylogger through non-destructive measurement methods, such as power consumption of keyboard, infrared temperature, and X-ray. Furthenmore, We propose a method that can be done with experimental results.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.18 no.1 s.116
• /
• pp.76-81
• /
• 2007

In this paper, we analyzed the vulnerability of information leakage due to the leakage electromagnetic waves of a PC keyboard. First, we reviewed the keyboard protocol and hardware structure, we analyzed the correlation between the data signal, which is transmitted from the keyboard to the main body, and the leakage signal on the power cable. With the result, we grasped the cause of the Conducted Emission of a PC keyboard. Also, we compared the limit level of the CISPR 22 standard with the amplitude of the keyboard leakage electromagnetic waves we calculated. By analyzing the signal on the power cable of the PC main body through the simple experiment, we show that it is possible to extract the contents of the PC key. Therefore it is verified that the secret information of the PC user could leak out.

• Proceedings of the KOSOMBE Conference
• /
• v.1993 no.05
• /
• pp.113-115
• /
• 1993

In this paper, we proposed a speech support system of personal computer for the blind. The system is consist of hardware part and software part. The hardware part are consist of personal computer and sound card. The software part are consist of sound driver system, character table and sound output algorithm. This system can recognize inputted characters from keyboard and program produced character strings.