Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Saturday October 20 2018, @01:33PM   Printer-friendly
from the mouse-droppings dept.

Submitted via IRC for AndyTheAbsurd

Abstract:

Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim's machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection techniques against keyloggers become increasingly better. This article presents the method of Mouse Underlaying for creating a new kind of software based keyloggers. This method is implemented in Java for testing countermeasures concerning keylogger protection, virtual keyboard, signatures and behavior detection by anti-virus programs. Products of various manufacturers are used for demonstration purposes. All of them failed without an exception. In addition, the reasons why these products failed are analyzed, and moreover, measures against Mouse Underlaying are developed based on the demonstration results.

Source: http://eudl.eu/doi/10.4108/eai.15-10-2018.155740


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Informative) by bzipitidoo on Saturday October 20 2018, @02:05PM

    by bzipitidoo (4388) on Saturday October 20 2018, @02:05PM (#751388) Journal

    But just try to find a keylogger that's used for debugging. Search results will be overwhelmed with keyloggers for collecting passwords.

  • (Score: 2) by crafoo on Saturday October 20 2018, @02:31PM (1 child)

    by crafoo (6639) on Saturday October 20 2018, @02:31PM (#751394)

    Good to know the basics are still fairly widely used. Kinda like finding 18s on a used Nissan Sentra with locking lugnuts. Really takes me back to the 90s.

    • (Score: 2) by driverless on Sunday October 21 2018, @02:06AM

      by driverless (4770) on Sunday October 21 2018, @02:06AM (#751543)

      But who wrote that gibberish headline?

      Global Key and Mouse Listener Based on an Almost Invisible Window with Local List

      Obstreperous Elephant and Green Hoover Based on a Practically Somnambulent Cat with Squeamish Ossifrage.

  • (Score: -1, Offtopic) by Anonymous Coward on Saturday October 20 2018, @09:19PM

    by Anonymous Coward on Saturday October 20 2018, @09:19PM (#751478)

    Report to your nearest Saudi embassy and their helpful consular officials will cut off your fingers. Kashoggi doesn't have to worry about keylogging anymore.

  • (Score: 2) by darkfeline on Saturday October 20 2018, @09:49PM (1 child)

    by darkfeline (1030) on Saturday October 20 2018, @09:49PM (#751488) Homepage

    This doesn't affect password managers, especially if integrated into a web browser. Yet another reason to use one if you aren't already.

    (This is only really a problem for remote logins, of which websites make up the majority. There's not much the attacker can do with my local user login password, SSH should always be by public key.)

    --
    Join the SDF Public Access UNIX System today!
    • (Score: 0) by Anonymous Coward on Sunday October 21 2018, @05:04AM

      by Anonymous Coward on Sunday October 21 2018, @05:04AM (#751569)

      You're just suggesting a shift in attack surface.

      Most OS'es don't protect the copy buffer from access across processes. That is, in fact, one of the major use cases.

      It's not uncommon for malware to watch that buffer for strings that might be of interest (>5chars and 256 chars) and keep a copy of it all.

      Rather like using a screen keyboard. Sure,that stops a keylogger. And instead exposes the mouse event list.\

      Think of this like with video. There's something parallel to the analogue hole, on the input side. You can't enter a password without enteering it, somehow, across some channel.

(1)