{"id":"https://openalex.org/W2807345152","doi":"https://doi.org/10.1186/s42400-018-0007-6","title":"Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes","display_name":"Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes","publication_year":2018,"publication_date":"2018-05-29","ids":{"openalex":"https://openalex.org/W2807345152","doi":"https://doi.org/10.1186/s42400-018-0007-6","mag":"2807345152"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-018-0007-6","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-018-0007-6","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-018-0007-6","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-018-0007-6","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Chen Tian","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chen Tian","raw_affiliation_strings":["State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102914991","display_name":"Yazhe Wang","orcid":"https://orcid.org/0000-0002-1709-5283"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I37448385","display_name":"China People's Public Security University","ror":"https://ror.org/05twya590","country_code":"CN","type":"education","lineage":["https://openalex.org/I37448385"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yazhe Wang","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","institution_ids":["https://openalex.org/I37448385","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100346828","display_name":"Peng Liu","orcid":"https://orcid.org/0000-0002-5091-8464"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Peng Liu","raw_affiliation_strings":["College of Information Sciences and Technology, Pennsylvania State University, University Park, 16802, PA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"College of Information Sciences and Technology, Pennsylvania State University, University Park, 16802, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077178159","display_name":"Qihui Zhou","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qihui Zhou","raw_affiliation_strings":["State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080515125","display_name":"Chengyi Zhang","orcid":"https://orcid.org/0000-0002-6027-0606"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I37448385","display_name":"China People's Public Security University","ror":"https://ror.org/05twya590","country_code":"CN","type":"education","lineage":["https://openalex.org/I37448385"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chengyi Zhang","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","institution_ids":["https://openalex.org/I37448385","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5102914991"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I37448385","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.3325,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.55315127,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":95},"biblio":{"volume":"1","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9929999709129333,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/keystroke-logging","display_name":"Keystroke logging","score":0.8766366243362427},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8434337377548218},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.5817735195159912},{"id":"https://openalex.org/keywords/android-app","display_name":"Android app","score":0.5620917677879333},{"id":"https://openalex.org/keywords/prefix","display_name":"Prefix","score":0.5220884680747986},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.3571275472640991},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3430784046649933},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.31630825996398926}],"concepts":[{"id":"https://openalex.org/C161615301","wikidata":"https://www.wikidata.org/wiki/Q309396","display_name":"Keystroke logging","level":2,"score":0.8766366243362427},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8434337377548218},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.5817735195159912},{"id":"https://openalex.org/C2988045736","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android app","level":3,"score":0.5620917677879333},{"id":"https://openalex.org/C141603448","wikidata":"https://www.wikidata.org/wiki/Q134830","display_name":"Prefix","level":2,"score":0.5220884680747986},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.3571275472640991},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3430784046649933},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.31630825996398926},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-018-0007-6","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-018-0007-6","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-018-0007-6","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:26be5ef589b9463597bdaff3cb383569","is_oa":true,"landing_page_url":"https://doaj.org/article/26be5ef589b9463597bdaff3cb383569","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 1, Iss 1, Pp 1-17 (2018)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-018-0007-6","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-018-0007-6","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-018-0007-6","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3243637686","display_name":"SBE TWC: Small: Collaborative: Privacy Protection in Social Networks: Bridging the Gap Between User Perception and Privacy Enforcement","funder_award_id":"1422215","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4529271126","display_name":"TWC: Small: Collaborative: Towards Agile and Privacy-Preserving Cloud Computing","funder_award_id":"1422594","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4958794329","display_name":null,"funder_award_id":"CNS-1505664","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5441460892","display_name":null,"funder_award_id":"CNS-1422594","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7625510445","display_name":null,"funder_award_id":"2017YFB0801900","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G8798368995","display_name":"Breakthrough: CPS-Security: Towards Provably Correct Distributed Attack-Resilient Control of Unmanned-Vehicle-Operator Networks","funder_award_id":"1505664","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8813751538","display_name":null,"funder_award_id":"SBE-1422215","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null},{"id":"https://openalex.org/F4320335892","display_name":"Youth Innovation Promotion Association","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2807345152.pdf","grobid_xml":"https://content.openalex.org/works/W2807345152.grobid-xml"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W147819238","https://openalex.org/W1437814062","https://openalex.org/W1450860479","https://openalex.org/W1493190345","https://openalex.org/W1582716752","https://openalex.org/W1963971515","https://openalex.org/W1984361257","https://openalex.org/W1987221145","https://openalex.org/W2018045700","https://openalex.org/W2020936921","https://openalex.org/W2088983597","https://openalex.org/W2095470000","https://openalex.org/W2097723548","https://openalex.org/W2099964107","https://openalex.org/W2107816859","https://openalex.org/W2125011234","https://openalex.org/W2132073183","https://openalex.org/W2155907478","https://openalex.org/W2168872572","https://openalex.org/W2175259180","https://openalex.org/W2212039644","https://openalex.org/W2216664396","https://openalex.org/W2317788992","https://openalex.org/W2401617229","https://openalex.org/W2471066505","https://openalex.org/W2573570214","https://openalex.org/W4301329292"],"related_works":["https://openalex.org/W1565885216","https://openalex.org/W2894765413","https://openalex.org/W769484497","https://openalex.org/W2794864670","https://openalex.org/W2922039621","https://openalex.org/W2940442438","https://openalex.org/W4383744737","https://openalex.org/W2773184731","https://openalex.org/W2949757294","https://openalex.org/W2581685432"],"abstract_inverted_index":{"Third-party":[0],"IME":[1,26,36,124,200],"(Input":[2],"Method":[3],"Editor)":[4],"apps":[5,187,201],"are":[6,80],"often":[7],"the":[8,23,29,54,59,64,74,77,83,90,120,137,143,161,169,174,178],"preference":[9],"means":[10],"of":[11,25,122,180,212],"interaction":[12],"for":[13,199,207],"Android":[14],"users\u2019":[15,41],"input.":[16,172],"In":[17],"this":[18,105],"paper,":[19],"we":[20,95],"first":[21],"discuss":[22],"insecurity":[24],"apps,":[27,37],"including":[28],"Potentially":[30],"Harmful":[31],"Apps":[32],"(PHAs)":[33],"and":[34,58,85,167,217],"malicious":[35],"which":[38,101,135],"may":[39],"leak":[40],"sensitive":[42,109],"keystrokes.":[43],"The":[44,224],"current":[45],"defense":[46],"system,":[47],"such":[48],"as":[49,148,150],"I-BOX,":[50],"is":[51,176],"vulnerable":[52],"to":[53,63,82,119,154,185],"prefix":[55],"substitution":[56],"attack":[57,61],"colluding":[60,86],"due":[62],"post-IME":[65,78,92],"nature.":[66,139],"We":[67,127],"provide":[68],"a":[69,97,108,151,157,189],"deeper":[70],"understanding":[71],"that":[72,103,228],"all":[73],"designs":[75],"with":[76,219],"nature":[79],"subject":[81],"prefix-substitution":[84],"attacks.":[87],"To":[88],"remedy":[89],"above":[91],"system\u2019s":[93],"flaws,":[94],"propose":[96],"new":[98],"idea,":[99],"pre-IME,":[100],"guarantees":[102],"\u201cIs":[104],"touch":[106,116,171,197,205],"event":[107,164],"keystroke?\u201d":[110],"analysis":[111],"will":[112,182],"always":[113],"access":[114],"user":[115,152,186],"events":[117,198,206],"prior":[118],"execution":[121],"any":[123],"app":[125],"code.":[126],"design":[128],"an":[129],"innovative":[130],"TrustZone-based":[131],"framework":[132],"named":[133,146],"IM-Visor":[134,141,193,213,229],"has":[136,214,230],"pre-IME":[138],"Specifically,":[140],"creates":[142],"isolation":[144],"environment":[145],"STIE":[147,162],"soon":[149],"intends":[153],"type":[155],"on":[156],"soft":[158],"keyboard,":[159],"then":[160],"intercepts,Android":[163],"sub":[165],"translates":[166],"analyzes":[168],"user\u2019s":[170],"If":[173],"input":[175],"sensitive,":[177],"translation":[179],"keystrokes":[181],"be":[183],"delivered":[184],"through":[188],"trusted":[190],"path.":[191],"Otherwise,":[192],"replays":[194,203],"non-sensitive":[195],"keystroke":[196],"or":[202],"non-keystroke":[204],"other":[208],"apps.":[209],"A":[210],"prototype":[211],"been":[215],"implemented":[216],"tested":[218],"several":[220],"most":[221],"popular":[222],"IMEs.":[223],"experimental":[225],"results":[226],"show":[227],"small":[231],"runtime":[232],"overheads.":[233]},"counts_by_year":[{"year":2021,"cited_by_count":2}],"updated_date":"2026-06-22T08:00:12.763002","created_date":"2025-10-10T00:00:00"}