SwitchMan: An easy-to-use approach to secure user input and output

Conference Paper

Modern operating systems for personal computers (including Linux, Mac, and Windows) provide user-level APIs for an application to access the I/O paths of another application. This design facilitates information sharing between applications, enabling applications such as screenshots. However, it also enables user-level malware to log a user's keystrokes or scrape a user's screen output. In this work, we explore a design called SwitchMan to protect a user's I/O paths against user-level malware attacks. SwitchMan assigns each user two accounts: a regular one for normal operations and a protected one for inputting and outputting sensitive data. Each user account runs under a separate virtual terminal. Malware running under a user's regular account cannot access sensitive input/output under a user's protected account. At the heart of SwitchMan lies a secure protocol that enables automatic account switching when an application requires sensitive input/output from a user. Our performance evaluation shows that SwitchMan adds acceptable performance overhead. Our security and usability analysis suggests that SwitchMan achieves a better tradeoff between security and usability than existing solutions.

Cited Authors

  • Zheng, S; Zhou, Z; Tang, H; Yang, X

Published Date

  • May 1, 2019

Published In

  • Proceedings 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019

Start / End Page

  • 105 - 113

International Standard Book Number 13 (ISBN-13)

  • 9781728135083

Digital Object Identifier (DOI)

  • 10.1109/SPW.2019.00029

Citation Source

  • Scopus