Review Article
Classification and Analysis of Security Techniques for the User Terminal Area in the Internet Banking Service
Table 1
Security techniques for the user terminal domain.
| Major category | Subcategory | Security techniques |
| Secure keyboard program | PS/2 keyboard | (i) Message hooking | (ii) Inserting filter driver | (iii) Interrupt object replacement | (iv) IDT replacement | (v) Generating random scan code using 0xD2 command | (vi) Generating random scan code using keyboard internal memory | (vii) Using the debug exception handler | USB keyboard | (i) Inserting filter driver | (ii) Inline hooking | PKI applications | Secure channel | (i) Self-design | (ii) Using the crypto library | E2E encryption | Initial E2E | (i) Interlocking secure keyboard program and PKI applications (encryption/decryption module) | Extended E2E | (i) Double encryption (only encryption module) | Antihacking program | Pattern-based | (i) Anti-virus products | Personal firewall | Behavior-based | (i) Program access management | (ii) IP address access management | (iii) Network connection management | Removable media security | Secure USB | (i) Software approach | (ii) Hardware-based partitioning approach | (iii) Hardware approach | Antireverse engineering technique | Layout obfuscation | (i) Changing format, removing comment, scrambling identifiers | Data obfuscation | (ii) Data storage, data encoding, data > aggregation, data ordering | Control obfuscation | (iii) Computation transformation, aggregation transformation | Preventive obfuscation | (iv) Unique transformation method, targeted transformation method |
|
|