Is it possible to have a C# Winform with in-built Anti-Keylogger?
Every security systems have its limits. I understand that hardware key logger cannot be beaten as it is connected to the hardware itself. Also it is not a concern at this point as most of the time it is used by programmers and ethical hackers to log themselves, on top of which most of the time cautious users will be able to visually identify any unwanted hardware (forget gov. agencies).
But as a developer it is often a concern to protect the user! S开发者_高级运维o is it possible for me, as a programmer to integrate a layer of security in my windows form that will be able disable any active key logger/s (i.e. Software based) on user’s system, by implementing some kind of anti hooking trick? Plus most of the software key loggers now days support “Screen shots” is there any way to escape it?
I presume you are worried about users entering their credentials and them being captured.
If this is the case then you need to establish a method of ensuring any captured details are not of use.
A method employed by many banks, and even World of Warcraft now, is the use of a portable token generator. The user then enters their username, password, and typically a PIN displayed on the token generator. These PINs exist for only a few seconds and never repeat. This means the nefarious user who intercepts the credentials can not authenticate with them.
I have never used them, and have no idea how you would source them, but you can read about them here:
http://en.wikipedia.org/wiki/Security_token
It seems to me this is a better method than trying to stop a keylogger from attacking your application.
Even shorter answer: not from c#. For reason's i'm not even going to go in to. Even though you could traverse all the modules that have inserted a keyboard hook, how would you determine whether it is a keylogger, and not something legitimate?
It is possible, but the heuristics to detect one would not be worth the time. It would be appropriate to allow the PC to have a good anti-virus/malware. If you are really paranoid, you could code an on-screen keyboard that inputs through the mouse for your application, very similar to what ING Direct has for PIN input.
Short answer: possibly, but probably not worth the effort.
The adversary has admin rights on the machine. You've already lost.
If you want to protect the user against such attacks best practice would be to run the application on a 'red' network and restrict the software going onto that network. And prevent data from the 'red' network ever being taken away. Even the security agencies are starting to get fed up with the cost and inconvenience of that.
精彩评论