击键日志:强密码足够吗?

2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON) Pub Date : 2017-10-01 DOI:10.1109/UEMCON.2017.8249051

Darshanie Sukhram, T. Hayajneh

{"title":"击键日志:强密码足够吗?","authors":"Darshanie Sukhram, T. Hayajneh","doi":"10.1109/UEMCON.2017.8249051","DOIUrl":null,"url":null,"abstract":"As hackers develop sophisticated phishing and social engineering attacks, it is recommended that users be aware of common tactics and implement stronger and unique passwords for sensitive accounts. Malware typically involved in cyber-attacks includes viruses and worms. Keyloggers are designed to track and capture keystrokes made on devices. They are not given the same priority as the other types of malware, but are also considered malicious as it poses the same level of risk. Having a strong password in this instance does not provide a high level of protection as keyloggers will log each key typed. This paper will discuss the characteristics of keylogging software while providing a summary on methods of protection. Three keylogging software are tested against two anti-keylogging programs to identify what information is captured and which method of protection is stronger. A discussion on risk assessment with regards to keyloggers and remediation techniques is also included.","PeriodicalId":403890,"journal":{"name":"2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"KeyStroke logs: Are strong passwords enough?\",\"authors\":\"Darshanie Sukhram, T. Hayajneh\",\"doi\":\"10.1109/UEMCON.2017.8249051\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As hackers develop sophisticated phishing and social engineering attacks, it is recommended that users be aware of common tactics and implement stronger and unique passwords for sensitive accounts. Malware typically involved in cyber-attacks includes viruses and worms. Keyloggers are designed to track and capture keystrokes made on devices. They are not given the same priority as the other types of malware, but are also considered malicious as it poses the same level of risk. Having a strong password in this instance does not provide a high level of protection as keyloggers will log each key typed. This paper will discuss the characteristics of keylogging software while providing a summary on methods of protection. Three keylogging software are tested against two anti-keylogging programs to identify what information is captured and which method of protection is stronger. A discussion on risk assessment with regards to keyloggers and remediation techniques is also included.\",\"PeriodicalId\":403890,\"journal\":{\"name\":\"2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/UEMCON.2017.8249051\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/UEMCON.2017.8249051","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

由于黑客开发了复杂的网络钓鱼和社会工程攻击，建议用户了解常见的策略，并为敏感帐户使用更强且唯一的密码。通常涉及网络攻击的恶意软件包括病毒和蠕虫。键盘记录器旨在跟踪和捕获设备上的按键。它们与其他类型的恶意软件没有相同的优先级，但也被认为是恶意的，因为它构成了相同级别的风险。在这种情况下使用强密码并不能提供高水平的保护，因为键盘记录程序将记录键入的每个密钥。本文将讨论键盘记录软件的特点，同时对保护方法进行总结。三种键盘记录软件针对两种反键盘记录程序进行测试，以确定捕获的信息和哪种保护方法更强。还包括对键盘记录程序和补救技术的风险评估的讨论。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

KeyStroke logs: Are strong passwords enough?

As hackers develop sophisticated phishing and social engineering attacks, it is recommended that users be aware of common tactics and implement stronger and unique passwords for sensitive accounts. Malware typically involved in cyber-attacks includes viruses and worms. Keyloggers are designed to track and capture keystrokes made on devices. They are not given the same priority as the other types of malware, but are also considered malicious as it poses the same level of risk. Having a strong password in this instance does not provide a high level of protection as keyloggers will log each key typed. This paper will discuss the characteristics of keylogging software while providing a summary on methods of protection. Three keylogging software are tested against two anti-keylogging programs to identify what information is captured and which method of protection is stronger. A discussion on risk assessment with regards to keyloggers and remediation techniques is also included.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON)

自引率

0.00%

发文量