• No results found

83062699-Key-Logging-Ppt-2

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "83062699-Key-Logging-Ppt-2"

Copied!
20
0
0

Loading.... (view fulltext now)

Download now ( 20 Page )

Full text

(1)

KeyStroke Logging and its Countermeasures SEMINAR GUIDE : Ms. Sharada.K.

Seminar by: MEGHASHREE.V.NADIGER. 2KA06IS016 Key logging.

(2)

Contents  What is keylogging? of  Different types keylogging  Countermeasures

 Technological methods  Non-technological methods



Conclusion Key logging. 2

(3)

Keystroke logging

Key-logger is a surreptitious surveillance application, which is used to keep re cord of user's activities on the computer.  Key logging is the capture of typed c haracters.  Key logging has both lawful and unlawful applications.



Key logging. 3

(4)

How Keyboards work Key logging.

(5)

Different types of Keyloggers Software keyloggers

Capture keystroke information as it passes between the computer keyboard interfa ce and the OS.  The logger resides in the o.s kernel and interprets the keystokes .  The keyloggers can be detected only by HIPS(Host intrusion prevention software ).  They do not show up in the list of running processes and run without the know ledge of the user.  Detection methods.



Key logging. 5

(6)

Different types of Keyloggers (contd) Hardware keyloggers

Device placed inline with the c.p.u port and the keyboard pin.  In case of laptop s, a circuit is printed within the keyboard or the devices are installed within.  Bluetooth keyloggers provide the advantage of accessing the information directl y without retrieving the device from the system it is attached.



Key logging. 6

(7)

The text saved in the log of the keylogger and the various types of keylogging d evices.

Key logging. 7

(8)

Different types of Keyloggers (contd) Wireless keyboard intercept

Uses 27 MHz RF connection that covers a 6 feet radial distance.  The keystrokes a re flagged in the keyboard so that the receiver can process it.  This enables the R.F device to convert the captured packets into corresponding character streams .  If a workstation is processing highly sensitive information, don¶t use 27 MHz wir eless keyboards.  The disadvantage is that wireless intercept keyloggers need a r eceiver/antenna relatively close to the target system.



(9)

Different types of Keyloggers (contd) Acoustic keylogging

The keylogger listens to the key typed on the keyboard and converts them into ch aracter streams.  These devices are also used to remotely listen to conversations and convert them into the required language script.  Such microphones can be pla ced in the target work area or can be buttoned to an individual. Parabolic micro phones are an example of a long distance device.



Key logging. 9

(10)

Technical countermeasures Code signing



Code signing is the process of digitally signing executables and scripts to conf irm the software author and guarantee that the code has not been altered or corr upted.

AntiAnti-spyware





Spyware is a type of malware that is installed on computer and collects little b its information at a time about users without their knowledge. Anti-spyware appl ications are able to detect many keyloggers and cleanse them. Responsible vendor s who monitor software support, detect keyloggers by anti-spyware programs, thus preventing the abuse of the software.

Key logging. 10

(11)

Firewall



Frequently used to prevent unauthorized Internet users from accessing private ne tworks connected to the Internet, especially intranets Enabling a firewall does not stop keyloggers , but can prevent the remote installation of key logging sof tware, and possibly prevent transmission of the logged material over the interne t if properly configured.



Key logging. 11

(12)

Automatic form filler programs



Form fillers are primarily designed for web browsers to fill in checkout pages a nd log users into their accounts. Once the user's smart card information has bee n entered into the program, it will be automatically entered into forms without ever using the keyboard or clipboard, thereby reducing the possibility that priv ate data is being recorded.

OneOne-time passwords (OTP)  

Using one-time passwords is completely keylogger-safe because the recorded passw ord is always invalidated as soon as it's used. One example is online banking. Key logging.

(13)

WebWeb-based keyboards   

Keyboard image is displayed with all its keys on the screen. User presses the ke ys by clicking with a mouse. Some commercial key logging programs do not record typing on a web-based virtual keyboard.

Key logging. 13

(14)

Key logging. 14

(15)

Online form filling using web based virtual keyboards. Key logging.

(16)

AntiAnti-keylogging software



It will disable this hook mechanism so the text will never reach the key logger program. Consequently, it will break some other programs that rely on this hook mechanism. Keylogger detection software is also available. Some of this type of software use "signatures" from a list of all known keyloggers. It provides a hot key combination to quickly disable or enable typing protection. Speech-to-text c onversion software can also be used against keyloggers, since there are no typin g or mouse movements involved.

Speech recognition



Key logging. 16

(17)

NonNon-technological methods



Some keyloggers can be fooled by alternating between typing the login credential s and typing characters somewhere else in the focus window. Similarly, a user ca n move their cursor using the mouse during typing, causing the logged keystrokes to be in the wrong order e.g. by typing a password beginning with the last lett er and then using the mouse to move the cursor for each subsequent letter. Anoth er very similar technique utilizes the fact that any selected text portion is re

placed by the next key typed. E.g. if the password is ´COMPUTER", one could type ´C", then some dummy keys ´pqrs". Then these dummies could be selected with mouse, and n ext character from the password ´O" is typed, which replaces the dummies ´pqrs".



Key logging. 17

(18)

Conclusion.  A keylogger

is a type of software that is used for keystroke logging, which is the practice of monitoring the keys that are punched on a computer keyboard. Keylogging is of ten done for nefarious purposes, like stealing passwords and banking information . Antispyware programs, firewalls, network monitors and automatic form filler pr ograms can all be used as protection against keylogging programs.

Key logging. 18

(19)

THANK YOU

(20)

References

Download now ( PDF - 20 Page - 24.13 KB )

Related documents

Improving Retention through Better Client Connections

In fact, despite general satisfaction with their accounting firm, 36 percent of business clients and 19 percent of individual clients report they are likely to switch CPA firms

Prof. Anthony B Ward. North Staffordshire Rehabilitation Centre Stoke on Trent

Trauma  Rehabilita>on  Database   — Microsoft  Access  designed  by  Consultant  in  RM   — Simple  data  input  for  administrative  staff   — Daily

A Benefit Of Revocable Living Trusts Is That

What Does Revocable Mean Living Trusts and Testamentary Trusts Can insert Create better Trust on out Own Information Necessary then Create a rule Trust Funding.. La Poll Associates

The Pdr Is A Reference That

None of reference is invalid, drug information to opioids under the references from a group of the technologies we cannot show you already on our pdr.. Just some electronic access

NEVILLE S HAIR AT THE BULGARI SPA

This Chronologiste treatment is formed of two essential par ts: restorative caviar pearls packed with active ingredients to protect and revitalise your hair and a rich cream masque

Proficiency-based High School Diploma Systems in Maine: Implications for Special Education and Career and Technical Education Programming and Student Populations

23 Concern: Lower High School Graduation Rates 25 Concern: Increasing Due Process Cases 26 Concern: Insufficient Resources 26 Benefit: Increased Professional Collaboration

LOGGING OR NOLOGGING THAT IS THE QUESTION

As long as the table space is in backup mode Oracle will write the entire block is dumped to redo when the ALTER TABLESPACE TBSNAME BEGIN BACKUP MODE is entered but later

It is sometimes said that accounting is the

This article presents a framework and industry best practices allowing for the definition of usable metrics and intelligence that employ all the available operational