Human society is moving towards a life that is fully governed by automated systems, where every important event of our lives is locked and protected by a ‘String’ known as a password. Password protection is in high demand, and researchers have shown fervent interest in achieving it. At the same time, the process of stealing information is also evolving. Keystroke monitoring with a keylogger is an advanced way to steal passwords and valuable data. Because a keylogger is an unprivileged program running in user space, it can be injected into a computer in many different ways. Usually, a keylogger is untraceable by the user and also undetectable by various known antivirus products. Many cyber security specialists have proposed different methods for detecting this malicious program, including API-based detection and network traffic monitoring. But with evolving technology, attackers have developed a new level of keylogger that is no longer easily detected through those conventional methods. This new level of keylogger is capable of communicating with the eavesdropper without sending any attached file and uses volatile memory as a buffer. In this paper, we propose a memory-analysis-based detection method. The proposed method is capable of detecting this different type of logger and also works on traditional ones. With this method, any regular user can detect any suspicious activity, and it does not need any special permission from the operating system. It was tested on Linux and Windows with a satisfactory level of success.