Advertisement

Remote Network Injection Attack Using X-Cross API Calls

  • M. PrabhavathyEmail author
  • S. Uma Maheswari
Conference paper
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 35)

Abstract

The major problem in digital environment is data security and privacy protection (i.e.) securing the user information that is shared as a resource. Data security has consistently been a major issue in information technology. Considering identification of keylogging malware is one of the major issues for antimalware protectors. The proposed method creates the awareness that how the undocumented API calls and middleware libraries are used by the malware creator to steal the user information remotely by injecting into the process and how hide them from the antimalware protector. The experimental results of the proposed work shows the antimalware protector need to take more attention on API call hooking at network level injection by X-cross languages.

Keywords

Malware Data security Privacy Keylogging Antimalware API Hooking 

References

  1. 1.
    Wazid, M., Sharma, R., Katal, A., Goudar, R.H., Bhakuni, P., Tyagi, A.: Implementation and Embellishment of Prevention of Keylogger Spyware Attacks. In: Security in Computing and Communications, of the series Communications in Computer and Information Science, vol. 377, pp. 262–271 (2013). http://link.springer.com/chapter/10.1007%2F978-3-642-40576-1_26Google Scholar
  2. 2.
    Vishnani, K., Pais, A.R., Mohandas, R.: An in-depth analysis of the epitome of online stealth: keyloggers; and their countermeasures. In: Advances in Computing and Communications of the series Communications in Computer and Information Science, vol. 192, pp. 10–19 (2011). http://link.springer.com/chapter/10.1007%2F978-3-642-22720-2_2
  3. 3.
    Vasiliadis, G., Polychronakis, M., Ioannidis, S.: GPU-assisted malware. Int. J. Inf. Secur. 14(3), 289–297 (2015)CrossRefGoogle Scholar
  4. 4.
    Ortolani, S., Giuffrida, C., Crispo, B.: Bait your hook: a novel detection technique for keyloggers. In: Recent Advances in Intrusion Detection, vol. 6307 (2010). http://link.springer.com/chapter/10.1007%2F978-3-642-15512-3_11Google Scholar
  5. 5.
    Damopoulos, D., Kambourakis, G., Gritzalis, S.: From keyloggers to touchloggers: take the rough with the smooth. J. Comput. Secur. 32, 102–114 (2013). http://dl.acm.org/citation.cfm?id=2622909CrossRefGoogle Scholar
  6. 6.
    Father, H.: Hooking windows API-technics of hooking API functions on windows. Assembly-Program. J. 2(2) (2004)Google Scholar
  7. 7.
    Prochazka, B., Vojnar, T., Drahanský, M.: Hijacking the linux kernel. In MEMICS, pp. 85–92 (2010)Google Scholar
  8. 8.
    Wazid, M., Katal, A., Goudar, R.H., Singh, D.P.: A framework for detection and prevention of novel keylogger spyware attacks. In: 7th International Conference on Intelligent Systems and Control (ISCO), 2013, 4–5 January 2013, pp. 433–438. IEEE (2013).  https://doi.org/10.1109/isco.2013.6481194
  9. 9.
    Cho, J., Cho, G., Kim, H.: Keyboard or keylogger?: a security analysis of third-party keyboards on Android. In: 2015 13th Annual Conference on Privacy, Security and Trust (PST), 21–23 July 2015, pp. 173–176. IEEE (2015).  https://doi.org/10.1109/pst.2015.7232970
  10. 10.
    Sagiroglu, S., Canbek, G.: Keyloggers. In: IEEE Society on Social Implications of Technology, IEEE, 18 September 2009.  https://doi.org/10.1109/mts.2009.934159, ISSN: 0278–0097CrossRefGoogle Scholar
  11. 11.
    Naval, S., Laxmi, V., Rajarajan, M., Gaur, M.S., Conti, M.: Employing Program Semantics for Malware Detection. IEEE Transactions on Information Forensics and Security 10(12), 2591–2604 (2015)CrossRefGoogle Scholar
  12. 12.
    Barabosch, T., Eschweiler, S., Gerhards Padilla, E.: Bee master: detecting host-based code injection attacks. In: Detection of Intrusions and Malware, and Vulnerability Assessment, Print (2014). ISBN 978-3-319-08508-1Google Scholar
  13. 13.
  14. 14.
  15. 15.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of CSECoimbatore Institute of TechnologyCoimbatoreIndia
  2. 2.Department of ECECoimbatore Institute of TechnologyCoimbatoreIndia

Personalised recommendations