Author
Listed:
- A. S. Sodiya
- O. Folorunso
- P. B. Komolafe
- O. P. Ogunderu
Abstract
In this work, a countermeasure scheme known as the “Fool the Keylogger Model (FKM) “ was developed for preventing keylogging attacks on Password Authentication Systems. In the FKM, an algorithm called Secured Keystroke Authenticated Password Against Keylogger (SKAPAK algorithm) was developed for dissuading attackers. The model divides the process of user authentication into 3 domains; the User, the Fooled, and the Authentication Domain. The User Domain provides environment for formulation of counterfeit-password. The counterfeit-password is a product of mixture of password characters and random alphanumeric characters or noise characters. This counterfeit-password is then used by the user a non-normal authentication data to login. The Fooled Domain creates an interface for the implementation of SKAPAK algorithm. The algorithm intelligently extracts password token from the counterfeit-password after which it has scaled beyond the visibility scope of the Keylogger. The algorithm then makes a valid authentication request using the normal authentication request data. The final verification and acknowledgement of user’s credentials takes place in the Authentication Domain. The results of data analyzed for this research showed over 99.5% concealment of password from Keylogger and over 95% usability and acceptability of the model. The result revealed a complete elimination of shoulder surfing threats, which simply means spying a user login session and showed that the proposed scheme provides adequate protection against keylogging attack.
Suggested Citation
A. S. Sodiya & O. Folorunso & P. B. Komolafe & O. P. Ogunderu, 2011.
"Preventing Authentication Systems From Keylogging Attack,"
Journal of Information Privacy and Security, Taylor & Francis Journals, vol. 7(2), pages 3-27, April.
Handle:
RePEc:taf:uipsxx:v:7:y:2011:i:2:p:3-27
DOI: 10.1080/15536548.2011.10855909
Download full text from publisher
As the access to this document is restricted, you may want to search for a different version of it.
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:taf:uipsxx:v:7:y:2011:i:2:p:3-27. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Longhurst (email available below). General contact details of provider: http://www.tandfonline.com/uips .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.