Secure Login Protocol Against Keylogger(s)

Lau, Meng Yan (2015) Secure Login Protocol Against Keylogger(s). Final Year Project (Bachelor), Tunku Abdul Rahman University College.

Text LauMengYanRIS201415F.pdf Restricted to Registered users only Download (1MB)

Abstract

Internet nowadays is no longer a save platform for transmitting personal information. There are several ways an attacker can use in order to obtain victim’s credential. Research shows that majority of the internet user has low knowledge on protecting their own credential and system, as in they do not even know if their system has been compromised. One of the most common tool used by attacker is keylogger(s). Keylogger(s) allows attacker to capture keystroke generated by keyboard or even virtual keyboard, screenshot as well as screen recording. Victim’s credential might be captured by attacker upon login to web application services such as Facebook, online banking account, auction account and so forth. It is crucial to protect user’s credential upon login or attacker may violate legitimate user’s account to do something malicious and caused intangible lost to victim. Thus, AKBluetooth which able to bypass keylogger(s) comes in to overcome the problem. AKBluetooth works in such a way which connect user’s machine with android device via Bluetooth. It allows user to type credential from the android device and the key will be sent back to the browser login page. A questionnaire that collect internet user’s behaviour and knowledge has been conducted to aid in this project. AKBluetooth able to protect user credential upon login and it achieved the expecting result. The only weakness of AKBluetooth is the connection of Bluetooth can be sniffed easily, if an attacker able to hack through the connection, the credential might be able to view by attacker. Meanwhile, we had overcome this by setting restriction that only one device can connect to laptop at once. This can eliminate the chance that hack by attacker. I have learnt a lot regarding keylogger as well as the concept running behind Bluetooth. It would be better if the input key can be transmitted through connected cable from android device to laptop. This is because without letting the key go through invisible platform, it would be pretty safe.