DocumentCode
1997015
Title
Keyboard or keylogger?: A security analysis of third-party keyboards on Android
Author
Junsung Cho ; Geumhwan Cho ; Hyoungshick Kim
Author_Institution
Dept. of Comput. Sci. & Eng., Sungkyunkwan Univ., Suwon, South Korea
fYear
2015
fDate
21-23 July 2015
Firstpage
173
Lastpage
176
Abstract
Use of third-party keyboards makes Android more flexible and customizable. However, we demonstrate their potential security risks by implementing a proof-of-concept keylogger that can effectively steal users´ sensitive keystrokes with 81 popular websites (out of 100 tested websites). We also empirically analyzed the security behaviors of 139 keyboard applications that were available on Google Play. Our study results show that the majority of existing keyboard applications (84 out of 139) could be potentially misused as malicious keyloggers. To avoid such keylogging attacks, we discuss possible defense mechanisms.
Keywords
Android (operating system); keyboards; security of data; Android; Google Play; Web sites; defense mechanisms; keylogging attacks; potential security risks; proof-of-concept keylogger; third-party keyboard security analysis; Androids; Google; Humanoid robots; Internet; Keyboards; Malware;
fLanguage
English
Publisher
ieee
Conference_Titel
Privacy, Security and Trust (PST), 2015 13th Annual Conference on
Conference_Location
Izmir
Type
conf
DOI
10.1109/PST.2015.7232970
Filename
7232970
Link To Document