2022: CS: MQP: Walls: Malware Inoculation

Roskind, Brianna

Student Work

2022: CS: MQP: Walls: Malware Inoculation

Public Deposited

This Major Qualifying Project constructed a proof of concept circuit and analysis method for detecting the presence of a hardware keylogger connected in series between a USB keyboard and USB port on a computer. Different methods of keylogger detection were reviewed, and the behavior of two keyloggers were examined, which led to the selection of power signature analysis to detect a keylogger. Data collected in a laboratory environment unveiled the need for a custom circuit in order to have higher resolution power signature data available for analysis. Statistical measurement methods for histogram analysis were examined, including their short-comings, leading to the creation of an augmented form of the KL-algorithm, and the construction of a threshold detector. With threshold detection, no false positives (mistaken detections) occurred. Of the two keyloggers tested, one was detected 100% of the time within a 5 minute period, and the other was detected 100% of the time within a 10 minute period. Throughout this project, experience in circuit design and analysis, literature review, Python programming, and technical writing was acquired. Future directions for this MQP were also identified, including creating an ASIC chip for production use.

This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.

Creator