KeyStroke Logging KeyStroke Logging and its and its Countermeasures Countermeasures

SEMINARSEMINAR GUIDE : GUIDE :Ms. Ms. Sharada.K.

Seminar by:Seminar by:MEGHASHREE.V.NADIGER.MEGHASHREE.V.NADIGER.2KA06IS016

1Key logging.

ContentsContentsWhat is keylogging?

Different types of keylogging

Countermeasures Technological methods Non-technological methods

Conclusion

2Key logging.

Keystroke loggingKeystroke logging Key-logger is a

surreptitious surveillance application, which is used to keep record of user's activities on the computer.

Key logging is the capture of typed characters.

Key logging has both lawful and unlawful applications.

3Key logging.

How Keyboards workHow Keyboards work

Key logging. 4

Different types of Different types of KeyloggersKeyloggersSoftware keyloggers Capture keystroke information as it passes between the

computer keyboard interface and the OS. The logger resides in the o.s kernel and interprets the

keystokes. The keyloggers can be detected only by HIPS(Host

intrusion prevention software). They do not show up in the list of running processes and

run without the knowledge of the user. Detection methods.

5Key logging.

Different types of Keyloggers Different types of Keyloggers (contd)(contd)

Hardware keyloggers Device placed inline with the c.p.u port and the

keyboard pin. In case of laptops, a circuit is printed within the

keyboard or the devices are installed within. Bluetooth keyloggers provide the advantage of accessing

the information directly without retrieving the device from the system it is attached.

6Key logging.

The text saved in the log of the keylogger and The text saved in the log of the keylogger and the various types of keylogging devices.the various types of keylogging devices.

7Key logging.

Different types of Keyloggers Different types of Keyloggers (contd) (contd)

Wireless keyboard intercept Uses 27 MHz RF connection that covers a 6 feet radial

distance. The keystrokes are flagged in the keyboard so that the

receiver can process it. This enables the R.F device to convert the captured

packets into corresponding character streams. If a workstation is processing highly sensitive

information, don’t use 27 MHz wireless keyboards. The disadvantage is that wireless intercept keyloggers

need a receiver/antenna relatively close to the target system.

8Key logging.

Different types of Keyloggers Different types of Keyloggers (contd)(contd)

Acoustic keylogging

The keylogger listens to the key typed on the

keyboard and converts them into character streams. These devices are also used to remotely listen to

conversations and convert them into the required language script.

Such microphones can be placed in the target work area or can be buttoned to an individual. Parabolic microphones are an example of a long distance device.

9Key logging.

Technical countermeasuresTechnical countermeasures

Code signingCode signing Code signing is the process of digitally signing

executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted.

Anti-spywareAnti-spyware Spyware is a type of malware  that is installed

on computer and collects little bits information at a time about users without their knowledge.

Anti-spyware applications are able to detect many keyloggers and cleanse them. Responsible vendors who monitor software support, detect keyloggers by anti-spyware programs, thus preventing the abuse of the software.

10

Key logging.

FirewallFirewall

Frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets

Enabling a firewall does not stop keyloggers , but can prevent the remote installation of key logging software, and possibly prevent transmission of the logged material over the internet if properly configured.

11Key logging.

Automatic form filler programsAutomatic form filler programs Form fillers are primarily designed for web browsers to fill in

checkout pages and log users into their accounts. Once the user's smart card information has been entered into the program, it will be automatically entered into forms without ever using the keyboard or clipboard, thereby reducing the possibility that private data is being recorded.

One-time passwords (OTP)One-time passwords (OTP)

Using one-time passwords is completely keylogger-safe because the recorded password is always invalidated as soon as it's used.

One example is online banking.

12

Key logging.

Keyboard image is displayed with all its keys on the screen.

User presses the keys by clicking with a mouse.

Some commercial key logging programs do not record typing on a web-based virtual keyboard.

13

Web-basedWeb-based keyboards keyboards

Key logging.

14Key logging.

Online form filling using web Online form filling using web based virtual keyboards.based virtual keyboards.

15Key logging.

Anti-keylogging softwareAnti-keylogging software

It will disable this hook mechanism so the text will never reach the key logger program. Consequently, it will break some other programs that rely on this hook mechanism. Keylogger detection software is also available. Some of this type of software use "signatures" from a list of all known keyloggers. It provides a hotkey combination to quickly disable or enable typing protection.

Speech recognitionSpeech recognition Speech-to-text conversion software can also be used

against keyloggers, since there are no typing or mouse movements involved.

16Key logging.

Non-technological methodsNon-technological methods

Some keyloggers can be fooled by alternating between typing the login credentials and typing characters somewhere else in the focus window. Similarly, a user can move their cursor using the mouse during typing, causing the logged keystrokes to be in the wrong order e.g. by typing a password beginning with the last letter and then using the mouse to move the cursor for each subsequent letter.

Another very similar technique utilizes the fact that any selected text portion is replaced by the next key typed. E.g. if the password is “COMPUTER", one could type “C", then some dummy keys “pqrs". Then these dummies could be selected with mouse, and next character from the password “O" is typed, which replaces the dummies “pqrs".

17Key logging.

Conclusion.Conclusion. A keylogger is a type of software that is used for

keystroke logging, which is the practice of monitoring the keys that are punched on a computer keyboard. Keylogging is often done for nefarious purposes, like stealing passwords and banking information. Antispyware programs, firewalls, network monitors and automatic form filler programs can all be used as protection against keylogging programs.

18Key logging.

THANK YOU

19Key logging.