www.ijcrt.

org © 2021 IJCRT | Volume 9, Issue 4 April 2021 | ISSN: 2320-2882

SURVEY ON KEYSTROKE LOGGING

ATTACKS
Kavya .C 1, Suganya.R 2
1
Student, II MSc. Computer Science, Sri Krishna Arts and Science College, Coimbatore
2
Assistant professor, Department of Computer Science, Sri Krishna Arts and Science College, Coimbatore

Abstract:
A Keylogger generally referred as a keystroke or system monitor. Keystroke could be a reasonably police work technology accustomed
monitor and record every keystroke written on a particular data input device. Keylogging usually used as a spyware tool by cybercriminals to
steal in person recognizable info, login credentials and sensitive enterprise knowledge. Keystroke is employed to visualize employer’s
performance to watch their laptop activities, oldsters to supervise their children's net usage, device homeowners to trace attainable
unauthorized activity on their devices or enforcement agencies to analyse incidents involving laptop. The method can be thought-about
moral or acceptable in variable degrees.. Some numerous keylogging techniques, extending from hardware and software based
methodologies. Keyloggers are easy to detect, but once it infects our computer, it can cause unauthorized transactions. Data-stealing
malware attacks are prevalent today. This paper presents an overview of different types of password attacks and analysing prevention and
detection techniques of keylogger attacks and some preventive measures to reduce the malware attacks and detection of personal data.

Keywords: keylogger; keyboard; cryptography; cipher text; encryption; decryption; types of password attacks; prevention & detection of
keylogger;

I. Introduction

Malware is the process of disturbing system like collect and state-owned company’s information. the most objective
sensitive data and gain access to systems [1]. Ancient of keyloggers is to interfere within the chain of events that
authentication systems wont to defend access to on-line happen once a secret is ironed and once the information is
services (such as passwords) square measure prone to attack displayed on the monitor as a results of a keystroke.
by the introduction of a keystroke faller to the service user's
pc [2]. Detecting and preventing malware attack is very
important in cyber world as malwares can badly affect
computer operation. Once an hacker got access to private
user data, he/she can easily make money transfer from user
account to untrusted account. The private data can have
many consequences which can prove to be more hazards
than particular individual’s financial loss. We can summarize
malware as program intentionally developed for damaging
Fig shows the Image of keylogger
computer specifically those have internet connection [3].
Keyloggers square measure a significant threat to users and A keylogger can be done by introducing a wiring or a
therefore the user’s information, as they track the keystrokes hardware bug in the keyboard, to achieve video surveillance,
to intercept passwords and different sensitive data
terminating input/output, or by also implementing the use if
typewritten in through the keyboard. this provides hackers
a filter driver in the keyboard stack. Extracting information
the good thing about access the PIN codes and account from the user’s keyboard exploitation generalized
numbers, passwords to on-line searching sites, email id’s, documented ways. The log file created by the keylogger may
email logins and different hint etc. when the hackers get be sent to the required receiver. Some keyloggers programs
access to the user’s private and sensitive information, they
will record any email addresses that you just have used and
can take advantage of the extracted data to perform online
URL’s of any websites that you just visit. There square
money transaction the user’s account. Keyloggers will measure 2 different rootkit ways employed by hackers:
typically be used as a spying tool to compromise business
IJCRT2104074 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 503
www.ijcrt.org © 2021 IJCRT | Volume 9, Issue 4 April 2021 | ISSN: 2320-2882

masking in kernel mode and masking in user mode. during

this paper we tend to specialise in the literature survey that is
said to keylogger, its types, interference detection of
keylogger attacks and its varied applications.

Cybersecurity & Cryptography:

Cyber security is that the follow of protective systems,

networks, and programs from digital attacks [5]. These
cyberattacks square measure typically aimed toward
accessing, changing, or destroying sensitive information;
extorting cash from users; or interrupting traditional business
processes. Implementing effective cyber security measures is Fig shows conversion of plain text & cipher text
especially difficult these days as a result of their square
Consider two parties Alice and Bob. Now, Alice needs to
measure a lot of devices than folks, and attackers are getting
send a message m to Bob over a secure channel. So, what
a lot of innovative. Cryptography is that the technique for happens is as follows.
secure communication within the presence of third parties is
termed as adversaries. It deals with developing and analysing The sender’s message or typically known as the Plaintext, is
protocols which prevents malicious third parties from born-again into associate degree unclear type employing a
Key k. The resultant text obtained is termed the Cipher text.
retrieving information being shared between two entities
This method is understood as coding. At the time of receive,
thereby following the various aspects of information the Cipher text is born-again into the plaintext exploitation
security. Secure communication refers to the situation constant Key k, in order that it may be browse by the
wherever the message or information shared between two receiver. This method is understood as cryptography.
parties can’t be accessed by associate degree opponent. In
Alice (Sender) Bob (Receiver)
Cryptography, associate degree opponent may be a malicious
entity that aims to retrieve precious data or information C = E (m, k) ----> m = D (C, k) (1)
thereby undermining the principles of data security. Data
Here, C refers to the Cipher text whereas E and D square
Confidentiality, information Integrity, Authentication and measure the coding and cryptography algorithms severally
Non-repudiation square measure core principles of [6].
contemporary cryptography.

II. Literature Review: helpful at company level and personal purpose for
parents. Another research paper “Keylogging: A
Extensive work was performed dealing with the Malicious Attack” authors Sonal Shinde, Ujwala H.
authentication protocols. The proper information is Wanaskar discussed that some techniques to reduce
collected by reading and analysing papers and malicious attack of keyloggers. In this two research
books. For example an article about comparison, paper have some drawbacks 1) the techniques that
detection techniques of keyloggers was written by are discussed will be useful but the user have to
note each every process of the particular technique
otherwise the user will forgot that what he/she
done. 2) Another drawback that installation of the
final year student “KEYLOGGERS Comparison of
software, in that the user information will be stolen
Detection Techniques & Its Legitimate Use” the
by some other person. It can be reduced by admin
author Aaradhya Gorecha discussed that
keyloggers to check the employee’s web activity by making the user information more secure. Some
other research papers will also be discussed in this
and also for domestic purpose parents can keep a
paper.
check on their children web activities this can be

IJCRT2104074 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 504

 www.ijcrt.org © 2021 IJCRT | Volume 9, Issue 4 April 2021 |
ISSN: 2320-2882

Detection techniques and future scope

No Paper name and Keylogger Detection Results Future scope

author Technique

1
Aslam at el. (2004) This paper describes the Since hook technique is the This technique requires
AntiHook Shield anti-hook technique to core of the detection of much more calculation to
against the Software scan all the processes and keylogger. So it can easily be doe and also the false
Key Loggers. static executable and DLLs find all the suspicious files positive rate is very high.
of the system. and processes which are
present on any level [7].
2 Parth Mananbhai Patel, This paper describes This approach is that it This technique has the
Prof. Vivek designing a detection centred on a black-box ability to artificially inject
K.ShahParth (2015) technique for user-space model that completely carefully crafted keystroke
Analysis and key loggers. The technique ignores the key logger patterns, and discussed the
Implementation of to prevent user-space key internals. Also, I/O problem of choosing the
Decipherments of loggers from stealing monitoring is a non-intrusive best input pattern to
KeyLogger. confidential data originally procedure and can be improve our detection rate
intended for a (trusted) performed on multiple with no false positives and
legitimate foreground processes simultaneously no false negatives
application. [8]. reported.
3 Stefano Ortolani,
Cristiano Giuffrida, This paper describes a In this technique keylogger As a result of this
Bruno Crispo (2010) technique to find and eavesdrops each keystroke technique, the malicious
Bait Your Hook: A prevent the malicious issued by the user and logs activities can be known in
Novel Detection attacks of keyloggers. the content on a file on the advance and controlled.
Technique for disk [9].
Keyloggers.

Another research paper “Keyloggers in Cyber advantage that students can learn about the
security Education” authors Christopher A. wood keylogging programs and keylogger attacks it may
and Rajendra K. Raj discussed that keylogging help them to avoid the detection of information
attacks and usage, overview of keylogger programs without their knowledge and to secure their
and a study of keylogging in cyber security to information from keylogger attacks [10].
educate the next generation. This paper has an

III. Different types of password attacks:

Keylogger has much type of techniques to hack their victims applications like ATM machines, internet services, windows
and crack that victim’s password using these techniques. login, authentication in mobiles etc. Intruders/hackers can
The sections will give a review about some different types make system vulnerable, can get access of it and can also
of password attacks. For authentication of any system get valuable information of ours. In this section we enlisted
password is first and foremost step so, passwords play an some of possible password attacks
important role in daily life in various computing

IJCRT2104074 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 505

www.ijcrt.org © 2021 IJCRT | Volume 9, Issue 4 April 2021 | ISSN: 2320-2882

A. Dictionary Attack: G. Password spraying:

The dictionary attack is used by hackers to hack Password spraying, an attack that would attempts
user’s password easily. This will check the user’s password to access the large number of accounts and databases
word by word like dictionary and it also find the users with commonly used passwords [7].
psychology of creation of their password. Attackers get
loads dictionary files of passwords and words to run against H. Spidering:
the user. This attack is similar to brute force attack. In this attack the hackers consider that corporate
passwords are related to business. The hackers look or
B. Brute force attack: do ground work to get information about particular
The brute force attack uses the program to crack the corporate. By using this information they can steal that
user’s password. Multiple attempts with possible password and store them for their future usage.
combinations of words were used to crack the account. The
attacks start with commonly used, weak passwords like I. Keylogger:
Password123 are considered as week passwords [9]. The
Keylogger is type of capturing or monitoring the
programs running on attacks usually try variations on
system by installing software to record all the
upper and lowercase characters, as well [8].
keystrokes. By using this software they can pass
information to hackers or intruders.
C. Phishing attack:
The most-commonly used technique in today’s IV. How keylogger & keyboard work:
modern world. This technique will involves using emails,
text messages sent to fool the users into providing their Keylogger is a program that was used to secretly monitor
credentials by clicking the link or image that will install
and log all the keystrokes in a computer system. This
the software or it will re-direct to fake website or account
program can be installed in a computer system or by sending
that was create by the hackers .
the .jpg file or email to the user’s system. If the user clicks
this type of images or emails their system gets hacked. For
example, if the keylogger sending the random image related
D. Rainbow table attack: prize, if the user clicks the image or typing their personal
The rainbow table attack is type of hacking
details they got hacked. This Section covers an overview
that uses rainbow hash table to crack password. This uses
that how the keylogger & keyboard works. Keylogger
hash table in cryptographic function to store password in
database. When hackers are a pre-computed table of hash attack does that when unknown app or APK runs
values that are pre-matched to possible plain text background of our system, when we type something in our
passwords. This allows hackers to reverse the hashing system or if we visit any websites or if we type the bank
function to crack the password. account details that will be sent to the hacker. By using this
master key the hacker can access all the information that
E. Shoulder surfing: they need. Keylogging can be two types they are hardware
Shoulder surfing is act of obtaining the based keylogging and software based keylogging [10]. A
personal and private Information behind the users
hardware based keylogger, small device that serves as a
shoulder without their knowledge. It occurs when
connector between the computer and the keyboard. In this
someone watches over users shoulder to nab the ATM pin
and passwords as the user key on to electronic device. By type, a piece of hardware that was inserted somewhere
using this technique for financial gain, the activity is between computer and along keyboard’s cables. A software
considered as identify theft. keylogger is like remote access it allows to access locally
recorded data from the remote location. There are some
F. Credential stuffing: methods to be followed and used for communication:
This attack says that danger of using same uploading the data to a website, database or FTP server,
passwords for several accounts and this will lead to hacker periodically emailing data to a predefined email address,
to steal the password easily. In this attack, hacker sets the wirelessly transmitting data through an attached hardware
bot that automatically log into multiple accounts in parallel system, software enabling remote login to your local
using fake IP address. If the password is stolen by running
machine [11]. Some software keyloggers capture
on multiple websites the informative resources were stolen
and hacker can store the stolen password and they can send information when any of the keyboard key pressed as input.
to their circle this will lead to increase malicious activity The sentence or word or anything when copied to clipboard
and breach over the networks. it will be captured. Randomly timed screenshots of
computer the screen of computer will be logged. The
windows API allows programs to request text value of some
control like password that typed for any forms it will be

IJCRT2104074 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 506

www.ijcrt.org © 2021 IJCRT | Volume 9, Issue 4 April 2021 | ISSN: 2320-2882

captured. Keyboard plays an important role in keylogger. • Always use anti-virus for system, some unwanted apps are
Keyboard is the main target for keyloggers. Keyboard has put in while not the users data. It’s higher to use the
sequence of key matrix and it also called as circuit matrix. antivirus for system it'll avoid the installation of
When the particular key is pressed, the keyboard controller unnecessary apps and virus attacks.
notes that which key is pressed and ROM record the events. • fitting the firewalls security for the system to avoid the
attacks from faux websites.
• Setting a selected lock arcanum or pin for the system it'll
forestall the unauthorized access each on-line & offline from
intruder/hackers.
• Avoid sharing of emails, confidential messages, or info
publically or shared pcs.
• Always maintain the sturdy arcanum like dynamical the
arcanum once at per week or month and avoid exploitation
the common passwords or combination of words for many
accounts.
• Always keep change the system and apps that have
already put in within the system. This can management the
unnecessary attacks from hackers.
Detection of keylogger is tough we will cut back and
management the attacks of keylogger. In cryptography,
encoding and coding methodology accustomed observe the
keylogger in order that user will send the e-mail or messages
firmly. During this paper, cryptography methodologies are
Fig shows the working of keyboard accustomed management and observe the keylogger.
Encoding is employed to convert the plain text to cipher
It sends the event to operating system and it also sends the text. Coding is employed to convert the cipher text to plain
code to keyboard buffer. The data travelled between the text. We will send a message or info to the person
operating system and computer keyboard is interrupted by exploitation encoding and coding. By exploitation this
keylogger. Whenever the key is pressed by user, every time methodology we will avoid and cut back keylogging
the keylogger will be noticed. By recording the each and connected attacks in order that we will forestall our files or
every key that was pressed by the user. The keylogger can hint from hackers. Whereas exploitation the encoding and
hack the particular users system and so that hacker can get coding methodology it’s suggested to use the virtual
database and bank details of that particular user. Hacker can keyboard. Usage of virtual keyboard can cut back and avoid
send stolen passwords or database to other intruder. the foremost attacks of keylogger. Virtual onscreen
keyboards cut back the possibility of being keylogged as
V. Prevention and Detection techniques of they input info during a completely different thanks to
keylogger: physical keyboards. This would possibly impact user
productivity, isn’t fool proof against all types of keystroke
In today’s world, everything around us is choked with observance software system, and doesn’t eliminate the
digital method like internet banking, mobile recharging, explanation for the matter. Observant resource allocation
searching and payments for electricity, studies, etc. These and background method on machines, also as knowledge
methods keep folks data regarding their general process and being transmitted from the device outside the organization
created easier the approach of payment. This method created will facilitate determine if a keylogger is gift. Keyloggers
advantage conjointly for hackers also as keyloggers. By sometimes want root access to the machine, which may even
exploitation this method, hackers or keyloggers will steal be a tell-tale sign of a keylogger infection [4].
the knowledge and arcanum from the actual user. This cause
loss of information and also the activity is taken into
account as thieving. This section covers some preventive
and detective measures of keylogger. Keylogger is
prevented by staying aloof from untrusted apps and websites
on the web. A number of interference measures are
followed:

IJCRT2104074 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 507

www.ijcrt.org © 2021 IJCRT | Volume 9, Issue 4 April 2021 | ISSN: 2320-2882

VI. Conclusion & Future Scope: literature review, this paper discussed the various measures
and methods to reduce keylogging attacks and it also used
In this paper, the article attempts to insight the keylogger for parents to monitoring the children’s activity. The main
workings, different types of password attacks and point is aware of the keylogging attacks by how they are
prevention & detection measures to reduce and avoid the entering in to system and use suitable ways to detect them.
keylogging attacks. This paper had discussed a cryptography However in future, the paper would enhance the idea which
encryption decryption method to reduce the keylogging is based on the cryptography algorithm to reduce the
attacks. To reduce the keylogging attacks user has to keep keylogging attacks and detection. Therefore the result of the
their software up-to-date and it is advisable to maintain the paper has achieved the main area of the paper by discussing
strong password policy for their systems. It is advisable to the preventive measures to reduce the keylogging attacks
disable the self-running files that are externally connected from the keyloggers.
devices like USBs and restrict to copy the files to and from
external computers by doing this attacks may get reduce. In VII. References:

1. Malware Definition Available at http://en.wikipedia.org/wiki/Malware.

2. S. P. Goring, J. R. Rabaiotti and A. J. Jones, “Anti-keylogging measures for secure internet login:
an example of the law of unintended consequences”, Computers & Security, Page 1-9, Feb 2007.
3. Malware Definition Available at https://www.wisegeek.com/what-is-malwa.

4. https://www.csoonline.com/article/3326304/what-is-a- keylogger-how-attackers-can-monitor-
everything-you-type.html/

5. https://www.ntiva.com/cyber-security-services/

6. geeksforgeeks.org/cryptography-introduction/

7. https://sec.okta.com/articles/2020/12/password-spraying-attacks-and-how-prevent-them

8. https://info-savvy.com/password-attacks/

9. https://www.linkedin.com/pulse/common-security-attacks-cyber-mobile-atms-wifi-iot-niteen-lall

10. https://searchsecurity.techtarget.com/definition/keylogger

11. https://www.veracode.com/security/keylogger
12. AntiHook Shield against the Software Keyloggers. Aslam at el. (2004)
13. Analysis and Implementation of Decipherments of Keylogger, Parth Mananbhai Patel, Prof. Vivek K.ShahParth
(2015).

14. Bait Your Hook: A Novel Detection Technique for Keyloggers,Stefano Ortolani, Cristiano Giuffrida, Bruno
Crispo (2010).

15. Survey of Keylogger Technologies, Yahye Abukar Ahmed, Mohd Aizaini Maarof, Fuad Mire Hassan and
Mohamed Muse Abshir, International Journal of Computer Science and Telecommunications, Volume 5, Issue 2,
February 2014.

16. Cyber Security – KEYLOGGERS Comparison of Detection Techniques & Its Legitimate Use Aaradhya Gorecha
Information Technology Department SVKM NMIMS MPSTME, Shirpur, Maharashtra, India.

IJCRT2104074 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 508