Nav: Home

New computer attack mimics user's keystroke characteristics and evades detection, according to Ben-Gurion University cyber researchers

June 06, 2019

BEER-SHEVA, ISRAEL...June 6, 2019 - Ben-Gurion University of the Negev (BGU) cyber security researchers have developed a new attack called "Malboard." Malboard evades several detection products that are intended to continuously verify the user's identity based on personalized keystroke characteristics.

The new paper, Malboard: A Novel User Keystroke Impersonation Attack and Trusted Detection Framework Based on Side-Channel Analysis published in the Computer and Security journal, reveals a sophisticated attack in which a compromised USB keyboard automatically generates and sends malicious keystrokes that mimic the attacked user's behavioral characteristics.

Keystrokes generated maliciously do not typically match human typing and can easily be detected. Using artificial intelligence, however, the Malboard attack autonomously generates commands in the user's style, injects the keystrokes as malicious software into the keyboard and evades detection. The keyboards used in the research were products by Microsoft, Lenovo and Dell.

"In the study, 30 people performed three different keystroke tests against three existing detection mechanisms including KeyTrac, TypingDNA and DuckHunt. Our attack evaded detection in 83% to 100% of the cases," says Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, and a member of the BGU Department of Industrial Engineering and Management. "Malboard was effective in two scenarios: by a remote attacker using wireless communication to communicate, and by an inside attacker or employee who physically operates and uses Malboard."

New Detection Modules Proposed

Both the attack and detection mechanisms were developed as part of the master's thesis of Nitzan Farhi, a BGU student and member of the USBEAT project at BGU's Malware Lab.

"Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission," Farhi says. "These include (1) the keyboard's power consumption; (2) the keystrokes' sound; and (3) the user's behavior associated with his or her ability to respond to typographical errors."

Dr. Nissim adds, "Each of the proposed detection modules is capable of detecting the Malboard attack in 100% of the cases, with no misses and no false positives. Using them together as an ensemble detection framework will assure that an organization is immune to the Malboard attack as well as other keystroke attacks."

The researchers propose using this detection framework for every keyboard when it is initially purchased and daily at the outset, since sophisticated malicious keyboards can delay their malicious activity for a later time period. Many new attacks can detect the presence of security mechanisms and thus manage to evade or disable them.

The BGU researchers plan to expand work on other popular USB devices, including computer mouse user movements, clicks and duration of use. They also plan to enhance the typo insertion detection module and combine it with other existing keystroke dynamic mechanisms for user authentication since this behavior is difficult to replicate.
-end-
About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, which is headquartered in Manhattan, has nine regional offices throughout the United States. For more information, visit http://www.aabgu.org.

American Associates, Ben-Gurion University of the Negev

Related Behavior Articles:

Unlocking animal behavior through motion
Using physics to study different types of animal motion, such as burrowing worms or flying flocks, can reveal how animals behave in different settings.
AI to help monitor behavior
Algorithms based on artificial intelligence do better at supporting educational and clinical decision-making, according to a new study.
Increasing opportunities for sustainable behavior
To mitigate climate change and safeguard ecosystems, we need to make drastic changes in our consumption and transport behaviors.
Predicting a protein's behavior from its appearance
Researchers at EPFL have developed a new way to predict a protein's interactions with other proteins and biomolecules, and its biochemical activity, merely by observing its surface.
Spirituality affects the behavior of mortgagers
According to Olga Miroshnichenko, a Sc.D in Economics, and a Professor at the Department of Economics and Finance, Tyumen State University, morals affect the thinking of mortgage payers and help them avoid past due payments.
Asking if behavior can be changed on climate crisis
One of the more complex problems facing social psychologists today is whether any intervention can move people to change their behavior about climate change and protecting the environment for the sake of future generations.
Is Instagram behavior motivated by a desire to belong?
Does a desire to belong and perceived social support drive a person's frequency of Instagram use?
A 3D view of climatic behavior at the third pole
Research across several areas of the 'Third Pole' -- the high-mountain region centered on the Tibetan Plateau -- shows a seasonal cycle in how near-surface temperature changes with elevation.
Witnessing uncivil behavior
When people witness poor customer service, a manager's intervention can help reduce hostility toward the company or brand, according to WSU research.
Whole-brain imaging of mice during behavior
In a study published in Neuron, Emilie Macé from Botond Roska's group and collaborators demonstrate how functional ultrasound imaging can yield high-resolution, brain-wide activity maps of mice for specific behaviors.
More Behavior News and Behavior Current Events

Trending Science News

Current Coronavirus (COVID-19) News

Top Science Podcasts

We have hand picked the top science podcasts of 2020.
Now Playing: TED Radio Hour

Uncharted
There's so much we've yet to explore–from outer space to the deep ocean to our own brains. This hour, Manoush goes on a journey through those uncharted places, led by TED Science Curator David Biello.
Now Playing: Science for the People

#556 The Power of Friendship
It's 2020 and times are tough. Maybe some of us are learning about social distancing the hard way. Maybe we just are all a little anxious. No matter what, we could probably use a friend. But what is a friend, exactly? And why do we need them so much? This week host Bethany Brookshire speaks with Lydia Denworth, author of the new book "Friendship: The Evolution, Biology, and Extraordinary Power of Life's Fundamental Bond". This episode is hosted by Bethany Brookshire, science writer from Science News.
Now Playing: Radiolab

Dispatch 2: Every Day is Ignaz Semmelweis Day
It began with a tweet: "EVERY DAY IS IGNAZ SEMMELWEIS DAY." Carl Zimmer – tweet author, acclaimed science writer and friend of the show – tells the story of a mysterious, deadly illness that struck 19th century Vienna, and the ill-fated hero who uncovered its cure ... and gave us our best weapon (so far) against the current global pandemic. This episode was reported and produced with help from Bethel Habte and Latif Nasser. Support Radiolab today at Radiolab.org/donate.