N/APosted on - 12/30/2014
Can Hook based anti spyware work against kernel based keylogger? What is the difference between hook based keylogger and application programming interface (API) based keylogger? Which is more powerful, kernel based or hook based keylogger? If a network administrator want to use keylogger on the network, what keylogger should he use? What is the best protection against kernel based keylogger?
Can Hook based anti spyware work against kernel based keylogger?
Keyloggers may have a number of benevolent uses like in parental control, employee monitoring, and or to retrieve or recover password and personal information. There are 3 popular methods of building a keylogger. The first method is by using the SetWindowsHook API function. This is actually the most widely used method in creating a keylogger.
Here, it is installed by means of the said API function for the messages sent out by the Windows procedure and intercepts or seizes keypress notifications. It is normally built using the C language. The second method is using the Get(Async)Keystate and GetKeyboardState of the WinAPI. It engages in requesting cyclical information from the keyboard.
Keyloggers built using the second method are often built using the Visual Basic programming language while Borland Delphi is less used. The third method of building a keylogger is by using a filter driver. Here, the keylogger produced is kernel-based. It is built using the C programming language and the authors require expert knowledge.