Design of an AES Encryption-Based Keyboard Driver for Keylogging Defense

• Published in: International Journal of Advanced Culture Technology(IJACT) Vol. 12; no. 4; pp. 548 - 560
• Main Authors: 한유정, 김민영
• Format: Journal Article
• Language: English
• Published: 국제문화기술진흥원 31.12.2024
• Subjects: 과학기술학; Keylogging Defense; Filter Driver; Kernel-User Security Architecture; AES Encryption; Keyboard Driver
• ISSN: 2288-7202; 2288-7318
• DOI: 10.17703/IJACT.2024.12.4.548

This paper proposes an encryption-based keyboard protection method to safeguard user input from keylogging attacks. Keylogging is a hacking technique that intercepts keyboard input to steal sensitive information, and traditional detection-based defenses alone have limitations in countering the evolution of keyloggers. To address this issue, we introduce a kernel-user integrated security architecture that combines a filter driver with a security module. In the proposed method, when a user initiates keyboard input, the filter driver encrypts the input using the AES-128 ECB algorithm and transmits the encrypted data to the user-space security module. The security module then decrypts the data and relays it to the application, ensuring secure keyboard input handling. This encryption-decryption process prevents keyloggers from retrieving the original information, even if they intercept the encrypted keystrokes. Our proposed method operates automatically in the background, minimizing impact on user experience and eliminating the inconvenience of alternatives like virtual keyboards. This approach guarantees secure keyboard input without the need for detection-based keylogging defenses, thereby enhancing both user convenience and security. The study offers an effective security solution to prevent data leakage from keylogging attacks and can be applied across various application environments.