West Visayas State University Janiuay Campus School of Information and Communication Technology Janiuay, Iloilo

KEYSTROKE LOGGING (KEYLOGGING) Description: A keylogger is and record a software program The that data is installed is on a computer, often by a Trojan horse or virus. Keyloggers capture user keystrokes. captured then transmitted to a remote computer. Background: An early keylogger was written by Perry Kivolowitz and posted to the Usenet news group net.unix-wizards,net.sources on November 17, 1983. The posting by seems locating installed the to be and a motivating factor in restricting program In the access to /dev/kmem on Unix systems. dumping The user-mode lists the and US St and

operated 1970s, and

character in

(clists) as they were assembled in the Unix kernel. spies keystroke in bugs loggers Moscow Embassy Consulate installed buildings

Petersburg. They

in Selectric II

Selectric III electric typewriters. Soviet embassies used manual typewriters, rather than electric typewriters, for classified informationapparently because they are immune to such bugs. As of 2013, Russian special services still use typewriters.

West Visayas State University Janiuay Campus School of Information and Communication Technology Janiuay, Iloilo

Keystroke logging, often referred to as keylogging or Keyboard Capturing, is the action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. It also has very legitimate uses in studies of human-computer methods, interaction. from There and are numerous keylogging approaches ranging hardware software-based

to acoustic analysis. Danger level: High Prevalence: High Worst case damage: While keyloggers will not damage your computer system per se, because other threat. they can capture data, passwords, should credit card numbers a and sensitive they be regarded as serious

West Visayas State University Janiuay Campus School of Information and Communication Technology Janiuay, Iloilo

Prevention, detection and removal: Currently there is no easy way to prevent keylogging. For the time being, therefore, the best strategy is to use common sense and a combination of several methods:

Monitoring

which

programs

are

running:

user

should

constantly be aware of which programs are installed on his or her machine.

Antispyware:

antispyware

applications

are

able

to

detect

many keyloggers and remove them.

Firewall: enabling a firewall does not stop keyloggers per se, but it may prevent transmission of the logged material, if properly configured.

Network monitors: also known as reverse-firewalls, network monitors can be used to alert the user whenever an application attempts to make a network connection. The user may then be able to prevent the keylogger from transmitting the logged data.

Anti-keylogging packages keyloggers the use to

software:keylogger signatures identify and from remove in a

detection list them. the of Other PC, of

software all known detection blocks latter may

software doesnt use a signature list, but instead analyzes working is methods that of modules A and the suspected approach keylogging software. drawback

legitimate,

non-keylogging

software

also be blocked.

West Visayas State University Janiuay Campus School of Information and Communication Technology Janiuay, Iloilo

IN PARTIAL FULFILLMENT IN THE SUBJECT I.T. 214 (Security and Standardization)

SUBMITTED BY:

WILLIAM VINCENT B. LEBANAN BS INFOTECH III

SUBMITTED BY:

LEA R. MARCON-GABAWA INSTRUCTOR