Keylogging, Keystroke logging –How it Works, How to Detect it and Safety Measures ~ SAMPATKUMARI'S Blog "PARISHKAR"

Keylogging, Keystroke logging –How it Works, How to Detect it and Safety Measures

Keylogging, Keystroke logging –How it Works, How to Detect it and Safety Measures-Keylogging is a criminal action done by the cyber criminals. It is an illegal action done without the knowledge of the effected person. Suppose you are working on your computer at your home and some one is monitoring you and preparing a log of your key board hits without your knowledge, this is technically known as keylogging or keystroke logging. Both the hardware as well as hardware particularly designed for the purpose are used for key logging. Where a hardware is used for keylogging it is called the hardware keylogging and where a software is used it is called the software key logging.
Keylogging, Keystroke logging –How it Works, How to Detect it and Safety Measures
Keylogging, Keystroke logging

Hardware Based Key Logging

Acaustic Key logging

In Acaustic keylogging the key board signature is used. As each keyboard has a different signature and the signature of the keyboard under monitoring is used to monitor and acoustic crypt and analysis and it is possible to identify the signature of the key strokes. Frequency analysys or some others tastistical methods are also used in the analysis.

Electronic Emission based Key Logging

Every electronic equipment while it is in action, emits a certain amount of electro magnetic waves in all directions and likewise a computer Key board also emits such waves. These waves reach upto a certain distance and in case of the computer key board this distance is up to 22 yards or 65 feet. Thus a key board hits log can be easily prepared in a wide area of 3014x1602 feet using a wide band receiver.

Firmware Keylogging

This type of keylogging is possible by gaining a root level access by modifying the BIOS(Basic Input Output System) of the machine to be monitored. Some type of Hardware Specific Software is necessarily to be installed on the machine.

Keyboard Overlaying Keylogging

This type of keylogging is used by the cyber criminals for stealing data. For example the data and password of an ATM Card. They use a device specially designed for the purpose. The user can not identify the device because the criminals fix it in a way that it looks as a part of the ATM system machine. The device automatically records the hits of the ATM system machine. 

Optical Surveillance Keylogging

A small camera or other similar device is used in this typer of keylogging. The device is carefully hidden some where to keep it invisible. This method is used to steal the PINs(Personal Identification numbers) of the ATM cards. Each time a user enters his PIN it is recorded by the hidden device.

Wireless Keyboard keylogging or Passive Sniffing

This type of Keylogging is possible only if a wireless key board is in use. The interception is very easy in this case but the data are in encrypted form and their cracking is necessary ro understand the logs.

Spftware Based Keylogging


Application Programming Interface Keylogging

In Application Programming Interface Key Logging method the keylogger get himself registered as if he is a part of the software and hooks key board Application Programming Interface. Whenever an application running and each time a key on the key board is pressed and released, the key logger automatically receives a signal.

Form Grabbing Key Logging

In Form Grabbing keylogging asit is understood by the name, individual record of the keys is not necessary. The Form Grabbing Key Loggers records the forms submissions at the time of it’s final submission by the user. As the user clicks the submition button. Like, ‘OK’ “submit”,  “Go” etc. and the data is recorded with the Key Logger before it passes over the web.

Hypervisor Keylogging

In Hypervisor keylogging a malware Hypervisor is used. The malware Hypervisor always remains hidden under the Operating System and remains untraceable.

Kernel Keylogging

a software is used to hide and gettiting the root in the operating system it self and resides there as if a part of the operating system in kernel keylogging method. The software always go through the kernel and constantly intercepts the key boards keystrokes.  Users not having access to the root It is quite difficult for them to detect mode applications.

Memory Injection Key Logging

Mostly malware writers use this technique for the purpose of  bypassing Microsoft Windows user account control system. They change browser’s base memory tables. They use memory patches to the memory tables  or directly injecting into memory. Though the users of OS other then windows remain uneffected.

Packet Analyzing Keylogging

The packet analyzing key logging does not work on https connections. In fact the https was created to combat the packet analyzing keyloggers only. In https:// connection the data are transferred in encrypted form and in this method only the unencrypted traffic is the target.

Writing Process Research Keylogging

The writing process research key logging is used in professional or creative writings or any expert writing in a specialized area or domain of high standard educational institutions may be targeted. It is used in a variety of contexts.

Remote Access Keylogging

The remote access keyloggers operate from a considerable distance distance but their real targets are the data recorded locally. For this purpose they have to establish a remote communication and they do it by periodically uploading data on  websites or FTP servers, wirelessly transmitting to a hardware attached, Emailing to a predefined address. They can bypass the https therefore they are treated as real threat.

How to Detect and Protect yourself from Keyloggers

·        Anti keyloggers software are specially designed to detect keyloggers, and are more effective than conventional anti virus software, therefore, Use an anti keylogger software will detect keyloggers.
·        Always use Automatic form fillers will remove the requirement of filling personal details and pass words. This avoids key stroke monitoring by a key logger.
·        Installation of a Key Stroke Interface Software may also prove helpful.
·        Proactive protection may protect your system against new, modifications of existing keyloggers if any. 
·        Reboot your computer with a write protected USB drive free from malware or a CD.
·        A reverse firewall may be helpful to alert when an application attempts to connect tour System.
·        Always use a standard and up to date antivirus capable to detect potential malicious software.
·        OTP(One Time password) may be an effective measure against key logger because it expires once used or on expiry of a certain time.
·        To protect yourself against keylogging software and hardware use a virtual keyboard or a system to generate one-time passwords.
·        Always use virtual key boards  for feeding any data because each time you open the key board, the position of the keys on virtual keyboard is changed automatically.
·        Voice recognition Software may be very helpful because there is no key strokes, typing or any key board action involved in it.


Post a Comment