83062699-Key-Logging-Ppt-2

KeyStroke Logging and its Countermeasures SEMINAR GUIDE : Ms. Sharada.K. Seminar by: MEGHASHREE.V.NADIGER. 2KA06IS016 Key logging. 1

Contents  What is keylogging? of  Different types keylogging  Countermeasures  Technological methods  Non-technological methods  Conclusion Key logging. 2

Keystroke logging Key-logger is a surreptitious surveillance application, which is used to keep re cord of user's activities on the computer.  Key logging is the capture of typed c haracters.  Key logging has both lawful and unlawful applications.  Key logging. 3

How Keyboards work Key logging. 4

Different types of Keyloggers Software keyloggers Capture keystroke information as it passes between the computer keyboard interfa ce and the OS.  The logger resides in the o.s kernel and interprets the keystokes .  The keyloggers can be detected only by HIPS(Host intrusion prevention software ).  They do not show up in the list of running processes and run without the know ledge of the user.  Detection methods.  Key logging. 5

Different types of Keyloggers (contd) Hardware keyloggers Device placed inline with the c.p.u port and the keyboard pin.  In case of laptop s, a circuit is printed within the keyboard or the devices are installed within.  Bluetooth keyloggers provide the advantage of accessing the information directl y without retrieving the device from the system it is attached.  Key logging. 6

The text saved in the log of the keylogger and the various types of keylogging d evices. Key logging. 7

Different types of Keyloggers (contd) Wireless keyboard intercept Uses 27 MHz RF connection that covers a 6 feet radial distance.  The keystrokes a re flagged in the keyboard so that the receiver can process it.  This enables the R.F device to convert the captured packets into corresponding character streams .  If a workstation is processing highly sensitive information, don¶t use 27 MHz wir eless keyboards.  The disadvantage is that wireless intercept keyloggers need a r eceiver/antenna relatively close to the target system.  Key logging. 8

Different types of Keyloggers (contd) Acoustic keylogging The keylogger listens to the key typed on the keyboard and converts them into ch aracter streams.  These devices are also used to remotely listen to conversations and convert them into the required language script.  Such microphones can be pla ced in the target work area or can be buttoned to an individual. Parabolic micro phones are an example of a long distance device.  Key logging. 9

Technical countermeasures Code signing  Code signing is the process of digitally signing executables and scripts to conf irm the software author and guarantee that the code has not been altered or corr upted. AntiAnti-spyware   Spyware is a type of malware that is installed on computer and collects little b its information at a time about users without their knowledge. Anti-spyware appl ications are able to detect many keyloggers and cleanse them. Responsible vendor s who monitor software support, detect keyloggers by anti-spyware programs, thus preventing the abuse of the software. Key logging. 10

Firewall  Frequently used to prevent unauthorized Internet users from accessing private ne tworks connected to the Internet, especially intranets Enabling a firewall does not stop keyloggers , but can prevent the remote installation of key logging sof tware, and possibly prevent transmission of the logged material over the interne t if properly configured.  Key logging. 11

Automatic form filler programs  Form fillers are primarily designed for web browsers to fill in checkout pages a nd log users into their accounts. Once the user's smart card information has bee n entered into the program, it will be automatically entered into forms without ever using the keyboard or clipboard, thereby reducing the possibility that priv ate data is being recorded. OneOne-time passwords (OTP)   Using one-time passwords is completely keylogger-safe because the recorded passw ord is always invalidated as soon as it's used. One example is online banking. Key logging. 12

WebWeb-based keyboards    Keyboard image is displayed with all its keys on the screen. User presses the ke ys by clicking with a mouse. Some commercial key logging programs do not record typing on a web-based virtual keyboard. Key logging. 13

Key logging. 14

Online form filling using web based virtual keyboards. Key logging. 15

AntiAnti-keylogging software  It will disable this hook mechanism so the text will never reach the key logger program. Consequently, it will break some other programs that rely on this hook mechanism. Keylogger detection software is also available. Some of this type of software use "signatures" from a list of all known keyloggers. It provides a hot key combination to quickly disable or enable typing protection. Speech-to-text c onversion software can also be used against keyloggers, since there are no typin g or mouse movements involved. Speech recognition  Key logging. 16

NonNon-technological methods  Some keyloggers can be fooled by alternating between typing the login credential s and typing characters somewhere else in the focus window. Similarly, a user ca n move their cursor using the mouse during typing, causing the logged keystrokes to be in the wrong order e.g. by typing a password beginning with the last lett er and then using the mouse to move the cursor for each subsequent letter. Anoth er very similar technique utilizes the fact that any selected text portion is re placed by the next key typed. E.g. if the password is ´COMPUTER", one could type ´C", then some dummy keys ´pqrs". Then these dummies could be selected with mouse, and n ext character from the password ´O" is typed, which replaces the dummies ´pqrs".  Key logging. 17

Conclusion.  A keylogger is a type of software that is used for keystroke logging, which is the practice of monitoring the keys that are punched on a computer keyboard. Keylogging is of ten done for nefarious purposes, like stealing passwords and banking information . Antispyware programs, firewalls, network monitors and automatic form filler pr ograms can all be used as protection against keylogging programs. Key logging. 18

THANK YOU Key logging. 19