KeyGuard: Using Selective Encryption to Mitigate Keylogging in Third-Party IME

TL;DR

KeyGuard introduces a selective encryption method that intercepts and encrypts keystrokes before they reach third-party IMEs, significantly reducing the risk of sensitive data leakage from keylogging without impairing IME functionality.

Contribution

This paper proposes a novel selective encryption approach to prevent third-party IMEs from logging sensitive keystrokes, enhancing mobile input security.

Findings

Effective interception and encryption of keystrokes

Reduced leakage of sensitive information in experiments

Maintained IME functionality with enhanced security

Abstract

As mobile devices become ubiquitous, people around the world have enjoyed the convenience they have brought to our lives. At the same time, the increasing security threats that rise from using mobile devices not only have caught attention from cyber security agencies but also have become a valid concern for mobile users. Keylogging is one of the mobile security threats caused by using insecure third-party IME (input method editor) applications. Keylogging, as the name suggests, keeps track of user\rq s key events performed on the device and stores all the events in a log. The log could include highly sensitive data such as credit card number, social security number, and passwords. This paper presents a novel solution by intercepting the keystroke events triggered by a user and encrypting them before sending them to the third-party IME, making the third-party IME unable to log what the users actually entered on the screen. Input will be decrypted when showing on text view on the underlying app. This solution addresses the fundamental reason why an IME may leak sensitive information since an IME will no longer have access to the user\rq s actual sensitive information, which will greatly reduce the chance of leaking sensitive information by using a third-party IME while maintaining the functionalities of the third-party IME at the same time.