Virtualization Based Password Protection Against Malware In Untrusted Operating Systems
Conference Proceeding Article
Password based authentication remains as the mainstream user authentication method for most web servers, despite its known vulnerability to keylogger attacks. Most existing countermeasures are costly because they require a strong isolation of the browser and the operating system. In this paper, we propose KGuard, a password input protection system. Its security is based on the hardware-based virtualization without safeguarding the browser or OS. A security-conscious user can conveniently and securely activate or deactivate the password protection by using key combinations. We have implemented KGuard and experimented our prototype on Windows with Firefox. The results show that no significant performance loss is induced by our protection mechanism when a user authenticates to commercial web servers.
Information Security and Trust
Trust and Trustworthy Computing: 5th International Conference, TRUST 2012, Vienna, Austria, June 13-15, 2012. Proceedings
CHENG, Yueqiang and DING, Xuhua.
Virtualization Based Password Protection Against Malware In Untrusted Operating Systems. (2012). Trust and Trustworthy Computing: 5th International Conference, TRUST 2012, Vienna, Austria, June 13-15, 2012. Proceedings. 7344, 201-218. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/1670