A Metric for the Evaluation and Comparison of Keylogger Performance

Tobias Fiebig, Janis Danisevskis, Marta Piekarska

    Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

    5 Citations (Scopus)


    In the field of IT security the development of Proof of
    Concept (PoC) implementations is a commonly accepted
    method to determine the exploitability of an identified
    weakness. Most security issues provide a rather straightforwad
    method of asserting the PoCs efficiency. That
    is, it either works or it does not. Hence, data gathering
    and exfiltration techniques usually remain in a position
    where the viability has to be empirically verified. One of
    these cases are mobile device keyloggers, which only recently
    have been starting to exploit side-channels to infer
    heuristic information on a user’s input. With this introduction
    of side channels exploiting heuristic information
    the performance of a keylogger may no longer be described
    with “it works and gathered what was typed”.
    Instead, the viability of the keylogger has to be assessed
    based on various typing speeds, user input styles and
    many metrics more as documented in this paper. The authors
    of this document provide a survey of the required
    metrics and features. Furthermore, they have developed
    a framework to assess the performance of a keylogger.
    This paper provides the documentation on how such a
    study can be conducted, while the required source code
    is shared online.
    Original languageEnglish
    Title of host publicationUSENIX Workshop on CyberSecurity Experimentation and Testing (CSET)
    PublisherUSENIX Association
    Publication statusPublished - 2014


    Dive into the research topics of 'A Metric for the Evaluation and Comparison of Keylogger Performance'. Together they form a unique fingerprint.

    Cite this