Keystroke logging: Types of Keystroke loggers

By | August 20, 2009

Keystroke logging is a method of capturing and recording user keystrokes. Keylogging can be useful to determine sources of errors in computer systems, to study how users interact with systems, and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. Keyloggers are widely available on the Internet.

Types of keystroke loggers

Local Machine software Keyloggers: Are software programs that are designed to work on the target computers operating system? From a technical perspective they can be categorized into three categories:

Kernel based: This method is most difficult both to write, and combat. Such key loggers reside at the kernel level and are thus practically invisible. They almost always subvert the OS kernel and gain unauthorized access to the hardware, which makes them very powerful. A keylogger using this method can act as a keyboard driver for example, and thus gain access to any information typed on the keyboard as it goes to the Operating System.
Hook based: Such keyloggers hook the keyboard with functions provided by the OS. The OS warns them any time a key is pressed and it records it.

Creative Methods: Here the coder uses functions like GetAsyncKeyState, GetForegroundWindow, etc. These are the easiest to write, but as they require polling the state of each key several times per second, they can cause a noticeable increase in CPU usage and can miss the occasional key.

Remote Access software Keyloggers: Are local software keyloggers programmed with an added feature to transmit recorded data out of the target computer and make the data available to the monitor at a remote location? Remote communication is facilitated by one of four methods:

  • Data is uploaded to a website or an ftp account.
  • Data is periodically emailed to a pre-defined email address.
  • Data is wirelessly transmitted by means of an attached hardware system.
  • It allows the monitor to log into the local machine via the Internet or Ethernet and view the logs stored on the target machine itself.

Hardware Keyloggers – are used for keystroke logging by means of a hardware circuit that is attached somewhere in between the computer keyboard and the computer. It logs all keyboard activity to its internal memory, which can be accessed by typing in a series of pre-defined characters. A hardware keylogger has an advantage over a software solution; because it is not dependent on the computers operating system it will not interfere with any program running on the target machine and hence cannot be detected by any software.

You may also like to read:
Folder Lock Software
Should An Organization Go For MS Exchange Server?
Different Types Of Application Software
Advantages of Barcodes In Libraries
Application Of Barcode Technology In Blood Banks
Difference Between RFID and Barcode Technology