Bridging the Semantic Gap to Mitigate Kernel-Level Keyloggers

Navarro, José Luis Martín; Naudon, E.; Oliveira, Daniela

doi:10.1109/spw.2012.22

Cited by 5 publications

(4 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The negatives include the need for real-time DOS attack detection as well as the need to examine the effects of changing K-value and DCA lifespan on performance. Navarro et al [12] discussed kernel-level keyloggers. Keyloggers that operate at the kernel level represent an imminent threat to the security of current systems.…”

Section: Literature Surveymentioning

confidence: 99%

An Innovative Keylogger Detection System Using Machine Learning Algorithms and Dendritic Cell Algorithm

Chinchalkar,

Somkunwar

2024

RIA

View full text Add to dashboard Cite

Every computer user deals with serious privacy and security challenges. Keyloggers are a type of software malware that records keystroke events from the console and saves them to a log file. It allows to obtain sensitive information like passwords, PINs, and usernames and communicates with vengeful attackers without attracting the attention of users. Keyloggers are also types of session hijackers that record user keystrokes made on the computer to steal any sensitive information from the system. Keyloggers are the most dangerous and covert malware for our system since they are difficult to detect because they run in the background of the computer. The primary issue with keylogger detection in a system is its time-consuming nature and its reliance on a particular type of input traffic behaviour. Keyloggers can be prevented using antiviruses, but, cannot be detected once they entered into the system. We proposed a system that combines Dendritic Cell Algorithms (DCA) and Machine Learning Algorithms (MLA) to address these problems. Our system can accurately detect a software keylogger if it is present which is based on the rate at which inputs are given to the system. The best accuracy was attained by our hybrid SVM-NB-DCA and SVM-DCA approach, with accuracies of 99.8% and 96%, respectively. Hence, results have shown that our hybrid system is effective and accurate for keylogger detection.

show abstract

Section: Literature Surveymentioning

confidence: 99%

An Innovative Keylogger Detection System Using Machine Learning Algorithms and Dendritic Cell Algorithm

Chinchalkar,

Somkunwar

2024

RIA

View full text Add to dashboard Cite

show abstract

“…Figure 1 depicts how the the keylogger is installing a Keyboard Filter Driver before the system's keyboard device driver takes effect [12]. In order to install this filter driver administrator privileges are required [17]. In the following, this filter driver captures keystrokes of the user and relays them by cloning.…”

Section: General Processing Of Keystrokesmentioning

confidence: 99%

“…Afterwards, the moveWindow_thread will be paused 16 . Now the keylogger window moves to a different position in the vicinity of the mouse pointer 17 . After a short waiting time, the pressed mouse button state will be imitated 18 .…”

Section: General Approachmentioning

confidence: 99%

“…For installing an additional element applied by conventional keylogging methods, kernel modification (driver installation) or changes in the configuration file of the operation system (hook registration and thread attaching) are required [17]. As a consequence, antivirus programs will report this action to the user.…”

Section: Differences Between Mouse Underlaying and Conventional Keylomentioning

confidence: 99%

See 1 more Smart Citation

Mouse Underlaying: Global Key and Mouse Listener Based on an Almost Invisible Window with Local Listeners and Sophisticated Focus

Witte¹

2018

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim's machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection techniques against keyloggers become increasingly better. This article presents the method of Mouse Underlaying for creating a new kind of software based keyloggers. This method is implemented in Java for testing countermeasures concerning keylogger protection, virtual keyboard, signatures and behavior detection by anti-virus programs. Products of various manufacturers are used for demonstration purposes. All of them failed without an exception. In addition, the reasons why these products failed are analyzed, and moreover, measures against Mouse Underlaying are developed based on the demonstration results.

show abstract

AirKeyLogger: Hardwareless Air-Gap Keylogging Attack

Guri

2023

2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC)

View full text Add to dashboard Cite

Bridging the Semantic Gap to Mitigate Kernel-Level Keyloggers

Cited by 5 publications

References 36 publications

An Innovative Keylogger Detection System Using Machine Learning Algorithms and Dendritic Cell Algorithm

An Innovative Keylogger Detection System Using Machine Learning Algorithms and Dendritic Cell Algorithm

Mouse Underlaying: Global Key and Mouse Listener Based on an Almost Invisible Window with Local Listeners and Sophisticated Focus

AirKeyLogger: Hardwareless Air-Gap Keylogging Attack

Contact Info

Product

Resources

About