Virtualization Based Password Protection Against Malware In Untrusted Operating Systems
Password based authentication remains as the mainstream user authentication method for most web servers, despite its known vulnerability to keylogger attacks. Most existing countermeasures are costly because they require a strong isolation of the browser and the operating system. In this paper, the authors propose KGuard, a password input protection system. Its security is based on the hardware-based virtualization without safeguarding the browser or OS. A security-conscious user can conveniently and securely activate or deactivate the password protection by using key combinations.