Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22–25, 2017, Proceedings

Research Article

Possible Keyloggers Without Implementing a Keyboard in Android

Download
208 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-78816-6_8,
        author={Itzael Jim\^{e}nez Aranda and Eleazar Aguirre Anaya and Ra\^{u}l Acosta Bermejo and Ponciano Escamilla Ambrosio},
        title={Possible Keyloggers Without Implementing a Keyboard in Android},
        proceedings={Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings},
        proceedings_a={SECURECOMM \& ATCS \& SEPRIOT},
        year={2018},
        month={4},
        keywords={Keylogger Touchlogger Malware Android keylogger Touchscreen},
        doi={10.1007/978-3-319-78816-6_8}
    }
    
  • Itzael Jiménez Aranda
    Eleazar Aguirre Anaya
    Raúl Acosta Bermejo
    Ponciano Escamilla Ambrosio
    Year: 2018
    Possible Keyloggers Without Implementing a Keyboard in Android
    SECURECOMM & ATCS & SEPRIOT
    Springer
    DOI: 10.1007/978-3-319-78816-6_8
Itzael Jiménez Aranda1,*, Eleazar Aguirre Anaya1,*, Raúl Acosta Bermejo1,*, Ponciano Escamilla Ambrosio1,*
  • 1: Instituto Politécnico Nacional - Centro de Investigación en Computación
*Contact email: itzaelja@gmail.com, eaguirrea@ipn.mx, racosta@cic.ipn.mx, pescamilla@cic.ipn.mx

Abstract

Like the main input way to introduce information in the majority mobile devices nowadays is the screen, it is the main source where a malware could get private information. A keylogger, in this way could obtain private information. Researches of this type of malware until this moment are focused on the Android architecture application layer, leaving aside the other layers, so a keylogger could also be implemented in another layer and only use the application layer like the insertion method. An analysis of the data flow when a key is pressed on the screen is presented, from the system call by an interruption caused by hardware, the methods involved in this flow and possible generated logs and related files, performing an experimentation procedure to extract information about the keys pressed in order to determine which points can be used to get private information without the necessity of implement a third-party keyboard.