Physical presence verification: A test to detect whether a computer is remotely controlled

Tsung Teng Chen, Chun-Ying Huang, Chen Chi Wu, Kuan Ta Chen*

*Corresponding author for this work

Research output: Contribution to journalArticle

Abstract

As broadband Internet access has become ubiquitously available, the thin client technology is now widely adopted. Unfortunately, the old saying "the same knife cuts bread and fingers" applies to the thin client technology perfectly. While it makes people's life easier, malicious attackers are ever happier. Once an attacker compromises a victim's computer and installs a remote controllable backdoor on it, the attacker can do virtually anything the victim can do on his own computer. As far as we know, there are no general solutions for detecting whether a system is remotely controlled or not. In this paper, we propose Physical Presence Verification (PPV), a test to ensure a system is controlled by a local user. If an application is considered critical, it can invoke a PPV test to ensure the user is locally present and prevent an attacker from performing mission-critical actions and accessing private information remotely. Our user studies indicate that PPV tests are effective, reliable, and adoptable in real life. We also discuss potential attacks to PPV tests and our countermeasures.

Original languageEnglish
Pages (from-to)943-963
Number of pages21
JournalJournal of Information Science and Engineering
Volume31
Issue number3
DOIs
StatePublished - 1 May 2015

Keywords

  • Anomaly detection
  • Detection
  • Intrusion
  • Network security

Fingerprint Dive into the research topics of 'Physical presence verification: A test to detect whether a computer is remotely controlled'. Together they form a unique fingerprint.

  • Cite this