About / People / Research / Publication / Course / Board

Secure Automatic Sign-in for Depending against Spying with BHOs

A Browser Helper Object (BHO) is a small program that runs automatically every time Microsoft Internet Explorer (IE) is started, providing the possibility of extending and modifying the browser. However,new security threats are appearing in the form of malicious BHOs acting as spywares or adwares, which include browser hijacking to unsavory sites, adding unwanted shortcuts to one's favorite folder, and stealing private information from web surfers through keystroke logging. Infection by malicious BHOs can be incurred as a result of normal web surfing, without the need to be tricked into downloading and running a strange file. Moreover, these nuisances are not easy to remove from the registry settings and altered files.
In order to defend against malicious BHOs, we propose a secure automatic sign-in (SAS) architecture, which enables automatic logon to a web site through the detection of a logon form. A password is initially registered for a web site with a virtual keyboard which replaces keystrokes with mouse clicks. Then, starting from the next visit, the logon procedure is under the protection of SAS before accessing the web site, which prevents sensitive information from being eavesdropped on via the web browser.
This study can be one step towards the establishment of a proactive defense against spying programs, in contrast to the existing reactive anti-spyware tools which are only able to detect and remove known malicious programs at the risk of re-infection.

- Beomsoo Park, Sungjin Hong, Jaewook Oh and Heejo Lee, Defeding a Web Browser against Spying with Browser Help Object,IEEE Intelligence and Security Infomatics, LNCS 3495, pp. 638-639, May 2005

- Beomsoo Park, Sungjin Hong, Jaewook Oh and Heejo Lee, Defeding against Spying with Browser Helper Objects, Korea University Technical Report, KU-CCS-05-001, Mar. 2005.