Eng. Hector M Lugo-Cordero, MS CIS4361 Department of Electrical Engineering and Computer Science February, 2012 University of Central Florida.

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Thank you to IT Training at Indiana University Computer Malware.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Computer Basics I Course Outline 1: What is a computer? 2: What is an operating system? Using a Desktop Computer 3: What are the basic parts of a desktop.
A Software Keylogger Attack By Daniel Shapiro. Social Engineering Users follow “spoofed” s to counterfeit sites Users “give up” personal financial.
Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
Welcome to Keyboarding Pro DELUXE ® Get Started Get Started Create Your Student Record Create Your Student Record The Main Menu The Main Menu Send Files.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Computer Basics 1 Computer Basic 1 includes two lessons:
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
SPYWARE  Do you know where your personal information is?
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Parts of a Computer.
Quiz Review.
Internet safety By Lydia Snowden.
Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Adware, Spyware, and Malware Anand Dedhia Bharath Raj ECE 4112 Project 28 April 2005.
Configuring the MagicInfo Pro Display
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Viruses.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Cyber crime & Security Prepared by : Rughani Zarana.
Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.
Keyloggers At Work Jason Clark. History Believed to have been first used by the government Believed that they were used in the early 1990’s Software key.
Welcome to Keyboarding Pro DELUXE ® Get Started Get Started Create Your Student Record Create Your Student Record The Main Menu The Main Menu Send Files.
CHAPTER 8 PROTECTING PEOPLE AND INFORMATION Threats and Safeguards.
Instant Messaging for the Workplace A pure collaborative communication tool that does not distract users from their normal activities.
CARNIVORE And Other Computer Spy Programs. What is Carnivore? Carnivore helps the FBI conduct ‘wiretaps’ on Internet connections. Carnivore is a computer-based.
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
Microsoft Internet Explorer and the Internet Using Microsoft Explorer 5.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Hacker’s Strategies Revealed WEST CHESTER UNIVERSITY Computer Science Department Yuchen Zhou March 22, 2002.
Security at NCAR David Mitchell February 20th, 2007.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Security Issues and Strategies Chapter 8 – Computers: Understanding Technology (Third edition)
Penetrating encrypted evidence Writer : Hank Wolfe University of Otago, Computer Security, Forensics, Information Science Department, New Zealand Presentation.
Prepared by Natalie Rose1 Managing Information Resources, Control and Security Lecture 9.
M ONITORING Theresa Wynd CSCI 101 R 3:30. T ELEPHONE M ONITORING Employers may monitor calls with clients or customers for reasons of quality control.
Computer security By Isabelle Cooper.
Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
Michael McAllister. Keyloggers - What is a key logger? - What do they do? Security - How prevalent are they in the Computing World? - How are they avoided?
1 REMOTE CONTROL SYSTEM V7 2 Introduction.
Computer main parts HARDWARE It corresponds to all physical and tangible parts of a computer: your electrical, electronic, electromechanical and mechanical.
COMPUTER MAIN PARTS SANTIAGO OCAMPO MEJIA. HARDWARE  Or materials set of physical elements of a computer or a computer system.
Computer Hardware Software, Memory & Storage Internet & EthicsPowerPoint
Computer Security By Duncan Hall.
Digital Literacy: Computer Basics
NETWORK SECURITY Definitions and Preventions Toby Wilson.
Phishing Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money)
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Information Systems Design and Development Security Risks Computing Science.
GCSE Computing: A451 Computer Systems & Programming Topic 3 Software System Software (2) Utility Software.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
Copyright © 2008 AusCERT 1 Practical Computer Security See the notes section throughout the slide presentation for additional information.
By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Mobile Device Security Management Leyna Belinsky.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Main Features of iSafe All-in-One Keylogger Universal keylogger of isafe, Inc. Suitable for home parental control,corporate employee monitoring and cheating.
By: Maxwell Varner.  Description/Background  Uses for Keyloggers  Types of Keyloggers  Prevention Methods  Causes for Concern  Wrap-up  Questions/Discussion.
Intro to Digital Technology Review for Final Introduction to Digital Technology Finals Seniors Monday, 5/16 – 2 nd Tuesday 5/17 – 1 st,3 rd Underclassmen.
Internet Vulnerabilities & Criminal Activity Internet Forensics 12.1 April 26, 2010 Internet Forensics 12.1 April 26, 2010.
By BIJAY ACHARYA Twitter.com/acharya_bijay
Chapter 17 Risks, Security and Disaster Recovery
What is keystroke logging?
Presentation transcript:

Eng. Hector M Lugo-Cordero, MS CIS4361 Department of Electrical Engineering and Computer Science February, 2012 University of Central Florida

What is keystroke logging? A keylogger is a program that runs in the background or hardware, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker A keylogger is a program that runs in the background or hardware, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker Attacker checks files carefully in the hopes of either finding passwords, or possibly other useful information. Attacker checks files carefully in the hopes of either finding passwords, or possibly other useful information.

What is keystroke logging? Key loggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only Key loggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only Such systems are also highly useful for law enforcement and espionage Such systems are also highly useful for law enforcement and espionage Keystroke logging can be achieved by both hardware and software means. Keystroke logging can be achieved by both hardware and software means.

The good, the bad and the ugly  Good: companies can monitor the productivity of an employee, also useful for software developing.  Bad: Espionage  Ugly: External hardware can be caught easily and software installation without user noticing is hard.

Hardware key loggers Come in three types:  Inline devices that are attached to the keyboard cable  Devices which can be installed inside standard keyboards  Replacement keyboards that contain the key logger already built-in

Some hardware keyloggers  Hardware KeyLogger Stand-alone Edition a tiny hardware device that can be attached in between a keyboard and a computer. Hardware KeyLogger Stand-alone Edition Hardware KeyLogger Stand-alone Edition  Hardware KeyLogger Keyboard Edition looks and behaves exactly like a normal keyboard, but it keeps a record of all keystrokes typed on it. Hardware KeyLogger Keyboard Edition Hardware KeyLogger Keyboard Edition  KeyGhost Hardware Keylogger a tiny hardware device that can be attached in between a keyboard and a computer. KeyGhost Hardware Keylogger KeyGhost Hardware Keylogger  KeyKatcher Keystroke Logger a tiny hardware device that can be attached in between a keyboard and a computer. KeyKatcher Keystroke Logger KeyKatcher Keystroke Logger

Keylogger The Hardware KeyLogger™ Stand-alone Edition is a tiny hardware device that can be attached in between a keyboard and a computer. It keeps a record of all keystrokes typed on the keyboard. The recording process is totally transparent to the end user. The keystrokes can only be retrieved by an administrator with a proper password. BEFORE AFTER

Hardware KeyLoggerTM Keyboard Edition The Hardware KeyLogger™ Keyboard Edition looks and behaves exactly like a normal keyborad, but it keeps a record of all keystrokes typed on it. The recording process is totally transparent to the end user. The keystrokes can only be retrieved by an administrator with a proper password.

KeyKatcher The KeyKatcher is a hardware device to log activity as it is performed on the keyboard. The device works with any PS/2 keyboard and is not dependant on the operating system because there is not any software required for the manufacture to product to interact with the hardware. The KeyKatcher records up to 32,000 bytes (keystrokes) in the 33k model or 64,000 bytes (key strokes) in the 64k model. Even if the device is unplugged from the keyboard it will still remember EVERYTHING and you wont lose a single keystroke.

Interacting with keylogger Interacting with the Keystroke logger is simple, it can be done from any PS/2 compatible keyboard/computer. You can take it off the computer it is on to examine the data on another computer or perform the audit from that computer. Enter into a text program. Type the passphrase which was set, the menu will be displayed, you can navigate through the menus by entering typing in the number corresponding with the command.

Other approaches There are other approaches to capturing info about what you are doing.  Some keyloggers capture screens, rather than keystrokes.  Other keyloggers will secretly turn on video or audio recorders, and transmit what they capture over your internet connection.

Software Key Logging  Easy to implement – code is relatively normal.  Hard to install – user can notice the presence of it.

Problems with installing a Key Logger  An attacker that connects to the target to download the keystrokes risks being traced.  A code that sends the information to an address risks exposing the attacker.

Secure ways to install a key logger  Program can be distributed through viruses and/or worms and attacker can claim to victim of it if s/he is caught.  Use cryptography to prevent others from discovering the content and later decode it later.

Examples of key loggers  Magic Lantern  developed by the FBI  is installed remotely via attachment.  All in One Keylogger Spy Software  sends encrypted logs to desired  tracks all users activity

Examples of key loggers (cont.)  Wiretap Pro  specializes in Internet monitoring  records chats, s, web sites visited  Ardamax Keylogger  monitors user activity in an encrypted way  data is stored as text or web page  used to maintain backups or monitor kids.

Defending from a key logger  Have our computer up to date with:  Keep net firewall on  Anti-spywares  Anti-viruses  Check USB ports and PS/2  Check programs installed  Also we can maintain a practice of using only the soft keyboard (on screen). However is not completely secure.

References        

Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.