Papers
Topics
Authors
Recent
Search
2000 character limit reached

KeyGuard: Using Selective Encryption to Mitigate Keylogging in Third-Party IME

Published 19 Nov 2020 in cs.CR | (2011.10012v1)

Abstract: As mobile devices become ubiquitous, people around the world have enjoyed the convenience they have brought to our lives. At the same time, the increasing security threats that rise from using mobile devices not only have caught attention from cyber security agencies but also have become a valid concern for mobile users. Keylogging is one of the mobile security threats caused by using insecure third-party IME (input method editor) applications. Keylogging, as the name suggests, keeps track of user\rq s key events performed on the device and stores all the events in a log. The log could include highly sensitive data such as credit card number, social security number, and passwords. This paper presents a novel solution by intercepting the keystroke events triggered by a user and encrypting them before sending them to the third-party IME, making the third-party IME unable to log what the users actually entered on the screen. Input will be decrypted when showing on text view on the underlying app. This solution addresses the fundamental reason why an IME may leak sensitive information since an IME will no longer have access to the user\rq s actual sensitive information, which will greatly reduce the chance of leaking sensitive information by using a third-party IME while maintaining the functionalities of the third-party IME at the same time.

Authors (2)

Summary

No one has generated a summary of this paper yet.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Continue Learning

We haven't generated follow-up questions for this paper yet.

Collections

Sign up for free to add this paper to one or more collections.