Malware Security Evasion Techniques: An Original Keylogger Implementation

  • Conference paper
Trends and Applications in Information Systems and Technologies (WorldCIST 2021)

Abstract

The current study evaluates the malware life cycle and develops a keylogger that can avoid Windows 10 security systems. Therefore, we considered the requirements of the malware in order to create a keylogger. Afterward, we developed a customized and unpublished malware, to which we added as many features as necessary using the Python programming language. At the end of this process, the resulting executable program executes three main threads responsible for collecting the screenshots, collecting the keystrokes, and creating the backdoor in the infected system. Furthermore, we added the methods required to avoid the leading security tools used in Windows environments. Finally, we tested the resulting executable file on different websites as a proof of concept in a real scenario. As a result, the keylogger avoided Windows 10 firewalls, user account control, and the antivirus. Moreover, it gathered a significant amount of confidential information about user behavior, including even the credentials of the users, without the users noticing.

Acknowledgment

We want to thank the resources granted for developing the research project entitled “Detection and Mitigation of Social Engineering attacks applying Cognitive Security, Code: PIC-ESPE-2020-Social-Engineering.” The authors would also like to thank the financial support of the Ecuadorian Corporation for the Development of Research and the Academy (RED CEDIA) in the development of this study within the Project Grant GT-Cybersecurity.

Corresponding author

Correspondence to Walter Fuertes.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Royo, Á.A., Rubio, M.S., Fuertes, W., Cuervo, M.C., Estrada, C.A., Toulkeridis, T. (2021). Malware Security Evasion Techniques: An Original Keylogger Implementation. In: Rocha, Á., Adeli, H., Dzemyda, G., Moreira, F., Ramalho Correia, A.M. (eds) Trends and Applications in Information Systems and Technologies. WorldCIST 2021. Advances in Intelligent Systems and Computing, vol 1365. Springer, Cham. https://doi.org/10.1007/978-3-030-72657-7_36
