6 Keystroke Logger Hardware or software that records all keystrokes May be a small dongle plugged into a USB port or can masquerade as a keyboard May also be installed as malware Not limited to browsers From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Keystroke Logger • Hardware or software that records all keystrokes • May be a small dongle plugged into a USB port or can masquerade as a keyboard • May also be installed as malware • Not limited to browsers 6 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
7 Page-in-the-Middle User is directed to a different page than believed or intended Similar effect to a man-in -the-browser where attacker can intercept and modify user input From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Page-in-the-Middle • User is directed to a different page than believed or intended •Similar effect to a man-in-the-browser, where attacker can intercept and modify user input 7 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved
8 Program Download Substitution Attacker creates a page with seemingly innocuous and desirable programs for download Instead of, or in addition to the intended functionality, the user installs malware This is a very common technique for spyware From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved
Program Download Substitution • Attacker creates a page with seemingly innocuous and desirable programs for download • Instead of, or in addition to, the intended functionality, the user installs malware • This is a very common technique for spyware 8 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved