Monday 7 November 2016

Security Breaches using KeyLoggers & Anti KeyLoggers: An Overview  

With increasing innovation in technology, the threat of a breach of users' confidential data has increased by a huge degree. Today attackers are growing stronger. They are discovering new ways to pierce security levels at a rapid rate. Thus security is a key and challenging area of research for security managers.
As far as security is concerned, besides social engineering, there are many methods of obtaining confidential information. A very common method of obtaining sensitive information is keystroke logging.
Keystroke logging is the capture of typed characters. It is often used to gather secure information, commit fraud, or obtain access to system facilities. The data captured can include passwords, user IDs, and other sensitive bits of information, and the attacker can obtain valuable data without cracking into a hardened database or file server. Keyloggers are a prominent class of malware, and so they present a special challenge to security managers. Unlike traditional worms and viruses, certain types of keyloggers are almost impossible to detect, and they work well because they are simple. They just take raw information (keystrokes) and ship it out of your computer to a third party, which is why they can pose a serious threat to users. As a result, cyber criminals can get PIN codes and account numbers for e-payment systems, email addresses, user names, and email passwords. Any such information can be logged quickly without any apparent performance impact on the target PC, and surprisingly most users infected with a keylogger will never know it unless an account or credit card is hijacked. In this way, access to confidential data can sometimes have quite serious consequences.
The most common ways of delivering a keylogger are phishing, social engineering, and bundling the keylogger with other software. The main idea behind keyloggers is to get in between any two links in a chain of events, for example between the moment a key is pressed and the moment information about that keystroke is displayed on the monitor. This can be achieved using video surveillance, a hardware bug in the keyboard, the wiring or the computer itself, or by requesting information from the keyboard using standard methods.
Though keyloggers are tricky to detect, there are still some typical signs. For instance, you may encounter slower performance while web browsing, your mouse or keystrokes may pause or not show up onscreen as what you are actually typing, or you may receive error screens when loading graphics or web pages.
CATEGORIES:
There are two categories of keyloggers.
Software-based keyloggers are used to intercept your keystrokes, mouse clicks, clipboard contents and URLs, i.e. all user activity. The second type, hardware-based keyloggers, are physical devices that are usually plugged in between the keyboard and the computer and intercept the keystrokes typed.

HOW TO PREVENT AND PROTECT THE PC:
Since the chief purpose of keyloggers is to get confidential data, the most logical ways to protect against unknown keyloggers are as follows:
  • With the help of a one-time password the threat can be minimized. Even if the password you enter is intercepted, the generated password can be used one time only, so the cybercriminal will not be able to use it to obtain access to critical information.
  • By using a system with proactive protection designed to detect keylogging software.
  • By using a virtual keyboard.
  • Always use licensed anti-virus software and update it regularly.
  • Update your OS on a regular basis.
  • Be extra cautious while you enter confidential credentials. A simple approach is to enter some extra characters and then delete them using the mouse.
  • By trying an alternative keyboard layout. Since most of the available keylogger software is based on the typical older QWERTY layout, if you use a keyboard layout such as DVORAK, the captured keystrokes do not make sense unless converted.

Ms. Shweta Ohri
Assistant Professor
Dept. of Information Technology
