Review Article
Classification and Analysis of Security Techniques for the User Terminal Area in the Internet Banking Service
Table 1
Security techniques for the user terminal domain.
| | Major category | Subcategory | Security techniques |
| | Secure keyboard program | PS/2 keyboard | (i) Message hooking | | (ii) Inserting filter driver | | (iii) Interrupt object replacement | | (iv) IDT replacement | | (v) Generating random scan code using 0xD2 command | | (vi) Generating random scan code using keyboard internal memory | | (vii) Using the debug exception handler | | USB keyboard | (i) Inserting filter driver | | (ii) Inline hooking | | PKI applications | Secure channel | (i) Self-design | | (ii) Using the crypto library | | E2E encryption | Initial E2E | (i) Interlocking secure keyboard program and PKI applications (encryption/decryption module) | | Extended E2E | (i) Double encryption (only encryption module) | | Antihacking program | Pattern-based | (i) Anti-virus products | | Personal firewall | Behavior-based | (i) Program access management | | (ii) IP address access management | | (iii) Network connection management | | Removable media security | Secure USB | (i) Software approach | | (ii) Hardware-based partitioning approach | | (iii) Hardware approach | | Antireverse engineering technique | Layout obfuscation | (i) Changing format, removing comment, scrambling identifiers | | Data obfuscation | (ii) Data storage, data encoding, data > aggregation, data ordering | | Control obfuscation | (iii) Computation transformation, aggregation transformation | | Preventive obfuscation | (iv) Unique transformation method, targeted transformation method |
|
|
