This paper analyzes security vulnerability to the USB keyboard data, which are transferred between the host and the USB keyboard, and proposes a solution that randomly inserts noise characters among data from the keyboard. Through the research work, the USB host-related data structures, with which the host uses to communicate with a USB keyboard based on the UHCI, are sophisticatedly analyzed and the vulnerability is revealed by implementing the sniffing software utilizing the vulnerability. Additionally, it is proved that the proposed noise mingling approach can be a reasonable solution to the vulnerability by implementing and applying the idea. It is recommended to apply this approach to real transactions to enhance security characteristics for Internet-based financial environment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.