Vulnerability Analysis and Security Assessment of Secure Keyboard Software to Prevent PS/2 Interface Keyboard Sniffing

Abstract

Online security threats have arisen through Internet banking hacking cases, and highly sensitive user information such as the ID, password, account number, and account password that is used for online payments has become vulnerable. Many security companies have therefore researched protection methods regarding keyboard-entered data for the introduction of defense techniques. Recently, keyboard security issues have arisen due to the production of new malicious codes by attackers who have combined the existing attack techniques with new attack techniques; however, a keyboard security assessment is insufficient here. The research motivation is to serve more secure user authentication methods by evaluating the security of information input from the keyboard device for the user authentication, including Internet banking service. If the authentication information input from the keyboard device is exposed during user authentication, attackers can attempt to illegal login or, worst, steal the victim's money. Accordingly, in this paper, the existing and the new keyboard-attack techniques that are known are surveyed, and the results are used as the basis for the implementation of sample malicious codes to verify both a security analysis and an assessment of secure keyboard software. As a result of the experiment, if the resend command utilization attack technique is used, 7 out of 10 companies' products expose keyboard information, and only 1 company's products detect it. The fundamental reason for these vulnerabilities is that the hardware chip related to the PS/2 interface keyboard does not provide security facilities. Therefore, since keyboard data exposure does not be prevented only by software, it is required to develop a hardware chip that provides security facilities.