Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging...
Transcript of Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging...
![Page 1: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/1.jpg)
Touch Interface and Keylogging Malware
IT Innovations 2015, Dubai, UAE
Cybersecurity Research LaboratoryBrigham Young University, Provo, Utah, USA
![Page 2: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/2.jpg)
Authors
Samuel Moses Jon Mercado Allie Larson Dale Rowe
![Page 3: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/3.jpg)
BYU Information Technology
•Cybersecurity Emphasis:•Penetration Testing•Cyber Forensics•Malware Analysis•Information Assurance
•Cybersecurity Research Laboratory•Cyber Physical Systems Security•IT Security Education•Big Data Analytics and Research•Situational Awareness
![Page 4: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/4.jpg)
Outline
• Intro• Threat of Keyloggers• Touch Screens and Smart Cities• Testing Methodology• Findings• Future Work• Conclusion
![Page 5: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/5.jpg)
Intro – What is a Keylogger?
• Hardware Keyloggers• Inserted between keyboard and USB port
• Software Keyloggers• Installed as programs that run in the background
![Page 6: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/6.jpg)
Keyloggers - A Serious Threat
•In 2013 keyloggers played a role in 48% of total data breaches
•In 2014 keyloggers were one of the top 10 threats•2% of POS attacks•13% Crimeware attacks•38% of data breaches
![Page 7: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/7.jpg)
Touchscreens and Smart Cities
• Prevalence of Touchscreens increasing
• Critical Infrastructure , Public Transport, Information Kiosks
![Page 8: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/8.jpg)
Testing Methodology
Tested Keystrokes:1234567890-=
~!@#$%^&*()_+
qwertyuiop[]\
QWERTYUIOP{}|
asdfghjkl;’
ASDFGHJKL:”
zxcvbnm,./
ZXCVBNM<>?
<ctrl>
The quick brown fox jumped over the lazy dog
The quick red<backspace><backspace><backspace>
Tested Keyloggers:•Actual Keylogger•Metasploit Javascript Keylogger•Free Keylogger•Meterpreter Keylogger•Spyrix Keylogger•KeyGrabber Physical Keylogger
![Page 9: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/9.jpg)
Touchscreen FindingsKeylogger 100% Keystroke
CoverageEnter &
Backspace Only0% Keystroke
CoverageActual Keylogger X
Metasploit JavascriptKeylogger
X
Free Keylogger X
Meterpreter Keylogger X
Spyrix Keylogger X
KeyGrabber Physical Keylogger
X
![Page 10: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/10.jpg)
Future Work
• Determining Risk to current and future systems• Review source code of keyloggers
• Most effective touchscreen keylogger attack vectors
• Securing Critical Infrastructure
![Page 11: Touch Interface and Keylogging Malware - Semantic Scholar€¦ · Touch Interface and Keylogging Malware. IT Innovations 2015, Dubai, UAE. Cybersecurity Research Laboratory. Brigham](https://reader030.fdocuments.us/reader030/viewer/2022041105/5f06ec0b7e708231d41a671b/html5/thumbnails/11.jpg)
Conclusion
• Keyloggers are still a threat today and are a threat to smart cities infrastructure
• Adjusting for these security vulnerabilities in the beginning stages of a smart city’s development will more effectively mitigate the risk