Sign In

Communications of the ACM

ACM TechNews

Computer Attack Mimics ­ser's Keystrokes, Evades Detection


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
In a newly identified attack method, a compromised USB keyboard automatically generates and sends keystrokes that mimic those of the the attacked user.

Researchers at Ben Gurion University in Israel have identified a new form of computer attack that uses a compromised USB keyboard to generate keystrokes that mimic an attacked user's typing.

Credit: webphotographeer/iStock.com

Researchers at the Malware Laboratory of Ben-Gurion University of the Negev (BGU) in Israel have identified a malware technique designed to evade detection via individualized keystroke characteristics.

The Malboard hack involves compromising a Universal Serial Bus keyboard to automatically produce and transmit malicious keystrokes that emulate a targeted user's typing style.

BGU's Nir Nissim said tests showed Malboard successfully evaded three existing detection mechanisms, in 83% to 100% of cases.

The researchers also developed modules to detect such attacks, which BGU's Nitzan Farhi said were "capable of detecting the Malboard attack in 100% of the cases, with no false positives. Using them together as an ensemble detection framework will ensure that an organization is immune to the Malboard attack, as well as other keystroke attacks.”

From Ben-Gurion University of the Negev (Israel)
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account