T-PIM: Trusted Password Input Method against Data Stealing Malware

Abstract

Internet-based financial services like online shopping and online banking have become popular in the past several years. However, most end-user's environments constructed on existing operating systems always face a threat of malware like keylogger and screenlogger. Especially, conventional anti-virus technology cannot prevent a new type of hypervisor-based stealth viruses yet. This paper proposes a novel password protection mechanism called T-PIM (Trusted Password Input Method). Proposed T-PIM mechanism provides a secure password input method to users. Our proposal employs a hypervisor to isolate a trusted domain. This paper shows a design, a prototype implementation, and results of a performance measurement. We discuss security and usability of proposed T-PIM mechanism, preventable and unpreventable attacks, and comparison with conventional measures against data stealing malware.