基于伪造密码键的盘记录器和屏幕录像软件(IJCNIS-V4-N5-2)

Battering Keyloggers and Screen Recording Software by Fabricating Passwords

I. J. Computer Network and Information Security, 2012, 5, 13-21

Published Online June 2012 in MECS (/) DOI: 10.5815/ijcnis.2012.05.02

Battering Keyloggers and Screen Recording

Software by Fabricating Passwords

Nairit Adhikary1, Rohit Shrivastava2, Ashwani Kumar3, Sunil Kumar Verma4, Monark Bag5, Vrijendra Singh 6 Cyber Law and Information Security Division, Indian Institute of Information Technology, Allahabad-211012, India nairit.adhikary@1, rshrivastav04@2, ashwanik@3, contact.sunil86@4,

monark@iiita.ac.in5, vrij@iiita.ac.in6

Abstract — The keyloggers are covert security threat to hardware keylogger are available in market [5]. These the privacy and identity of users. The attackers are keyloggers can be plugged inside the keyboard port, or exploring different techniques of keylogging using directly inside the keyboard or at the end of the keyboard hardware keyloggers, software keyloggers and screen cable. The main privilege of hardware keylogger is that it capturing software to steal the user sensitive data. The does not use any computer resource so it becomes quite Incognizance of the user is imposing greater risk. To infeasible for the anti-viral software or scanners to detect. overcome this problem, we have proposed a model. In The keystrokes logs are stored in encrypted form in its this model solution to Keylogger and Screen Recording own memory instead of the computer's hard disk .The Software has been proposed by using the concept of major disadvantage of hardware keylogger is that they fabricated password on untrusted machine. It deceives the necessitate physical installation in the keyboard or untrusted system’s key logging and video capturing Computer case. software. The concept used here is “WYSINT What You

See Is Not True”. The main feature of this model is that it B. Software Keyloggers has a hardware recognition to retrieve the key .This key Software keyloggers logs and monitors the keystrokes is required by the Temporary Filter layer (TFL) as an and data within the target operating system, store them on intermediary to change into the trusted password after hard disk or in remote locations, and send them to the bypassing all the capturing techniques and returning the attacker. Software keylogger [1], [6] monitoring is mainly original password to the required website. based on the operating-system. The Major Problem of Data Theft due to use of the key Index Terms — Onscreen Keyboard, Screen Recording, loggers were minimized by the use of various anti-key Key logger, Anti-key logger, Thumb drive logging mechanisms. Virtual keyboard is one very popular among them. Since virtual keyboard only

operates through mouse clicks so the key strokes are not captured [7]. The virtual keyboard uses the concept of I. INTRODUCTION

random shuffling of keys; hence it is not having a definite

The threats of keyloggers are increasing day by day

structure. Therefore the key presses if captured cannot be

and the threat is becoming potent as people are unable to used because of the random changing of the key locations. detect the presence of keyloggers in the system. There is a bigger threat residing that is the screen Moreover the threat has taken a severe form after the

recording software which is present and undetected.

introduction of screen recording software which paralyze the anti keylogging [1], [2], [3] mechanisms like the

C. Screen Recording Softwares

virtual keyboards which are pertinent today. The various

Screen Recording Softwares are prevalent because they

modes of larceny of critical data are explained below:

are used to capture whatever is happening on the screen

Key loggers, may it be in the form of Hardware or for monitoring [8] purpose or for the purpose of the Software are very common these days which stores every Educational Demonstrations. This could be used key press and hence steals very critical information of negatively because the software could be used to capture user. It is a major threat because most of the access the screen and mouse movement, so whosoever is using control such as login ids which are entered through the virtual keyboard to avoid keyloggers are no more safe. keyboard gets stored or recorded. Hence makes the

This software records the screen activities which includes

control mechanisms ineffective. Keyloggers are mainly

key presses trough virtual keyboards. Whatever activities

classified into two categories: Hardware Keyloggers and are done on the screen is recorded and hence the Software Keyloggers. passwords could be easily be captured.

The model we have proposed deceives the keyloggers

A. Hardware Keyloggers

and screen recording software and thereby bypassing the

Hardware keylogger is mainly a small electronic malicious techniques and help the access control device used for capturing the data in between a keyboard techniques to work properly. The model is solution to device and I/O port [4]. When they are mounted in a such a problem which includes bypassing of hardware computer system they start capturing the keystrokes in

搜索“diyifanwen.net”或“第一范文网”即可找到本站免费阅读全部范文。收藏本站方便下次阅读，第一范文网，提供最新外语学习基于伪造密码键的盘记录器和屏幕录像软件(IJCNIS-V4-N5-2)全文阅读和word下载服务。