Science Daily June 6, 2019
Researchers in Israel have developed a new attack called Malboard and a detection module. Malboard automatically generates keystrokes that have the attacked user’s behavioral characteristics. The keystrokes are injected into the computer in the form of malicious commands and thus can evade existing detection mechanisms designed to continuously verify the user’s identity based on keystroke dynamics. In demonstration attack against three existing detection mechanisms, the results showed that Malboard managed to evade detection in 83–100% of the cases, depending on the detection tools in place. They also developed three different modules, aimed at detecting keystroke injection attacks in general, and particularly, the more sophisticated Malboard attack, based on three side-channel resources which originate from the interaction between the keyboard, user, and attacked host. The results showed that each of the proposed detection modules is capable of detecting the Malboard attack in 100% of the cases, with no misses and no false positives. Using them together as an ensemble detection framework will assure that an organization is immune to the Malboard attack in particular and other keystroke injection attacks in general…read more. TECHNICAL ARTICLE