Possible keyloggers without implementing a keyboard in android

Itzael Jiménez Aranda; Eleazar Aguirre Anaya; Raúl Acosta Bermejo; Ponciano Jorge Escamilla Ambrosio

doi:10.1007/978-3-319-78816-6_8

Possible keyloggers without implementing a keyboard in android

Itzael Jiménez Aranda, Eleazar Aguirre Anaya, Raúl Acosta Bermejo, Ponciano Jorge Escamilla Ambrosio

Centro de Investigación en Computación (CIC)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Like the main input way to introduce information in the majority mobile devices nowadays is the screen, it is the main source where a malware could get private information. A keylogger, in this way could obtain private information. Researches of this type of malware until this moment are focused on the Android architecture application layer, leaving aside the other layers, so a keylogger could also be implemented in another layer and only use the application layer like the insertion method. An analysis of the data flow when a key is pressed on the screen is presented, from the system call by an interruption caused by hardware, the methods involved in this flow and possible generated logs and related files, performing an experimentation procedure to extract information about the keys pressed in order to determine which points can be used to get private information without the necessity of implement a third-party keyboard.

Original language	English
Title of host publication	Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings
Editors	Ali Ghorbani, Kui Ren, Sencun Zhu, Aiqing Zhang, Xiaodong Lin
Publisher	Springer Verlag
Pages	104-112
Number of pages	9
ISBN (Print)	9783319788159
DOIs	https://doi.org/10.1007/978-3-319-78816-6_8
State	Published - 2018
Event	13th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2017 - [state] ON, Canada Duration: 22 Oct 2017 → 25 Oct 2017

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume	239
ISSN (Print)	1867-8211

Conference

Conference	13th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2017
Country/Territory	Canada
City	[state] ON
Period	22/10/17 → 25/10/17

Keywords

Android keylogger
Keylogger
Malware
Touchlogger
Touchscreen

Access to Document

10.1007/978-3-319-78816-6_8

Cite this

Jiménez Aranda, I., Aguirre Anaya, E., Acosta Bermejo, R., & Escamilla Ambrosio, P. J. (2018). Possible keyloggers without implementing a keyboard in android. In A. Ghorbani, K. Ren, S. Zhu, A. Zhang, & X. Lin (Eds.), Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings (pp. 104-112). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 239). Springer Verlag. https://doi.org/10.1007/978-3-319-78816-6_8

Jiménez Aranda, Itzael ; Aguirre Anaya, Eleazar ; Acosta Bermejo, Raúl et al. / Possible keyloggers without implementing a keyboard in android. Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings. editor / Ali Ghorbani ; Kui Ren ; Sencun Zhu ; Aiqing Zhang ; Xiaodong Lin. Springer Verlag, 2018. pp. 104-112 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST).

@inproceedings{86c45127bdd3470d865b6a5ca7abba44,

title = "Possible keyloggers without implementing a keyboard in android",

abstract = "Like the main input way to introduce information in the majority mobile devices nowadays is the screen, it is the main source where a malware could get private information. A keylogger, in this way could obtain private information. Researches of this type of malware until this moment are focused on the Android architecture application layer, leaving aside the other layers, so a keylogger could also be implemented in another layer and only use the application layer like the insertion method. An analysis of the data flow when a key is pressed on the screen is presented, from the system call by an interruption caused by hardware, the methods involved in this flow and possible generated logs and related files, performing an experimentation procedure to extract information about the keys pressed in order to determine which points can be used to get private information without the necessity of implement a third-party keyboard.",

keywords = "Android keylogger, Keylogger, Malware, Touchlogger, Touchscreen",

author = "{Jim{\'e}nez Aranda}, Itzael and {Aguirre Anaya}, Eleazar and {Acosta Bermejo}, Ra{\'u}l and {Escamilla Ambrosio}, {Ponciano Jorge}",

note = "Publisher Copyright: {\textcopyright} ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018.; 13th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2017 ; Conference date: 22-10-2017 Through 25-10-2017",

year = "2018",

doi = "10.1007/978-3-319-78816-6_8",

language = "Ingl{\'e}s",

isbn = "9783319788159",

series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",

publisher = "Springer Verlag",

pages = "104--112",

editor = "Ali Ghorbani and Kui Ren and Sencun Zhu and Aiqing Zhang and Xiaodong Lin",

booktitle = "Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings",

address = "Alemania",

}

Jiménez Aranda, I, Aguirre Anaya, E , Acosta Bermejo, R & Escamilla Ambrosio, PJ 2018, Possible keyloggers without implementing a keyboard in android. in A Ghorbani, K Ren, S Zhu, A Zhang & X Lin (eds), Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, vol. 239, Springer Verlag, pp. 104-112, 13th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2017, [state] ON, Canada, 22/10/17. https://doi.org/10.1007/978-3-319-78816-6_8

Possible keyloggers without implementing a keyboard in android. / Jiménez Aranda, Itzael; Aguirre Anaya, Eleazar ; Acosta Bermejo, Raúl et al.
Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings. ed. / Ali Ghorbani; Kui Ren; Sencun Zhu; Aiqing Zhang; Xiaodong Lin. Springer Verlag, 2018. p. 104-112 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 239).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Possible keyloggers without implementing a keyboard in android

AU - Jiménez Aranda, Itzael

AU - Aguirre Anaya, Eleazar

AU - Acosta Bermejo, Raúl

AU - Escamilla Ambrosio, Ponciano Jorge

N1 - Publisher Copyright: © ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018.

PY - 2018

Y1 - 2018

N2 - Like the main input way to introduce information in the majority mobile devices nowadays is the screen, it is the main source where a malware could get private information. A keylogger, in this way could obtain private information. Researches of this type of malware until this moment are focused on the Android architecture application layer, leaving aside the other layers, so a keylogger could also be implemented in another layer and only use the application layer like the insertion method. An analysis of the data flow when a key is pressed on the screen is presented, from the system call by an interruption caused by hardware, the methods involved in this flow and possible generated logs and related files, performing an experimentation procedure to extract information about the keys pressed in order to determine which points can be used to get private information without the necessity of implement a third-party keyboard.

AB - Like the main input way to introduce information in the majority mobile devices nowadays is the screen, it is the main source where a malware could get private information. A keylogger, in this way could obtain private information. Researches of this type of malware until this moment are focused on the Android architecture application layer, leaving aside the other layers, so a keylogger could also be implemented in another layer and only use the application layer like the insertion method. An analysis of the data flow when a key is pressed on the screen is presented, from the system call by an interruption caused by hardware, the methods involved in this flow and possible generated logs and related files, performing an experimentation procedure to extract information about the keys pressed in order to determine which points can be used to get private information without the necessity of implement a third-party keyboard.

KW - Android keylogger

KW - Keylogger

KW - Malware

KW - Touchlogger

KW - Touchscreen

UR - http://www.scopus.com/inward/record.url?scp=85046553618&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-78816-6_8

DO - 10.1007/978-3-319-78816-6_8

M3 - Contribución a la conferencia

SN - 9783319788159

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

SP - 104

EP - 112

BT - Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings

A2 - Ghorbani, Ali

A2 - Ren, Kui

A2 - Zhu, Sencun

A2 - Zhang, Aiqing

A2 - Lin, Xiaodong

PB - Springer Verlag

T2 - 13th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2017

Y2 - 22 October 2017 through 25 October 2017

ER -

Jiménez Aranda I, Aguirre Anaya E , Acosta Bermejo R , Escamilla Ambrosio PJ. Possible keyloggers without implementing a keyboard in android. In Ghorbani A, Ren K, Zhu S, Zhang A, Lin X, editors, Security and Privacy in Communication Networks - SecureComm 2017 International Workshops, ATCS and SePrIoT, Proceedings. Springer Verlag. 2018. p. 104-112. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST). doi: 10.1007/978-3-319-78816-6_8

Possible keyloggers without implementing a keyboard in android

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this