A Solution to Protecting USB Keyboard Data

Author

Lee, Kyungroul ; Kim, Wansoo ; Bae, Kwangjin ; Yim, Kangbin

Author_Institution

Dept. of Inf. Security Eng., Soonchunhyang Univ., Asan, South Korea

fYear

2010

fDate

4-6 Nov. 2010

Firstpage

108

Lastpage

111

Abstract

This paper analyzes security vulnerability to the USB keyboard data, which are transferred between the host and the USB keyboard, and proposes a solution that randomly inserts noise characters among data from the keyboard. Through the research work, the USB host-related data structures, with which the host uses to communicate with a USB keyboard based on the UHCI, are sophisticatedly analyzed and the vulnerability is revealed by implementing the sniffing software utilizing the vulnerability. Additionally, it is proved that the proposed noise mingling approach can be a reasonable solution to the vulnerability by implementing and applying the idea. It is recommended to apply this approach to real transactions to enhance security characteristics for Internet-based financial environment.

Keywords

keyboards; peripheral interfaces; security of data; Internet based financial environment; USB host related data structure; USB keyboard data protection; noise character; noise mingling approach; security characteristics; security vulnerability; Information security; Kernel; Keyboards; Topology; Universal Serial Bus; USB keyboard sniff; hardware vulnerability; insider security; password exposure; privacy problem;

fLanguage

English

Publisher

ieee

Conference_Titel

Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on

Conference_Location

Fukuoka

Print_ISBN

978-1-4244-8448-5

Electronic_ISBN

978-0-7695-4236-2

Type

conf

DOI

10.1109/BWCCA.2010.56

Filename

5633778