JCP 2014 Vol.9(6): 1347-1354 ISSN: 1796-203X
doi: 10.4304/jcp.9.6.1347-1354
doi: 10.4304/jcp.9.6.1347-1354
Enhancing Keylogger Detection Performance of the Dendritic Cell Algorithm by an Enticement Strategy
Jun Fu1, Huan Yang1, Yiwen Liang2, Chengyu Tan2
1The 28th Research Institute of China Electronics Technology Group Corporation, Nanjing 210007, China
2Computer School, Wuhan University, Wuhan 430079, China
Abstract—Evasive software keyloggers hide their malicious behaviors to defeat run-time detection. In this paper, based on the analysis of the evasion mechanisms used by common software keyloggers, we established a framework for their detection. Using an enticement strategy, the framework we built could induce keyloggers exhibited more obvious malicious activities by mimicking user keystrokes. These ‘amplified’ activities are then correlated by the dendritic cell algorithm (an immune-inspired algorithm) to final determine the existence of a keylogger in a host. Preliminary experimental results showed that the framework could improve the performance of keylogger detection and hard to evade.
Index Terms—keylogger, keystroke simulation, dendritic cell algorithm (DCA), correlation
2Computer School, Wuhan University, Wuhan 430079, China
Abstract—Evasive software keyloggers hide their malicious behaviors to defeat run-time detection. In this paper, based on the analysis of the evasion mechanisms used by common software keyloggers, we established a framework for their detection. Using an enticement strategy, the framework we built could induce keyloggers exhibited more obvious malicious activities by mimicking user keystrokes. These ‘amplified’ activities are then correlated by the dendritic cell algorithm (an immune-inspired algorithm) to final determine the existence of a keylogger in a host. Preliminary experimental results showed that the framework could improve the performance of keylogger detection and hard to evade.
Index Terms—keylogger, keystroke simulation, dendritic cell algorithm (DCA), correlation
Cite: Jun Fu, Huan Yang, Yiwen Liang, Chengyu Tan, "Enhancing Keylogger Detection Performance of the Dendritic Cell Algorithm by an Enticement Strategy," Journal of Computers vol. 9, no. 6, pp. 1347-1354, 2014.
General Information
ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO, ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat,etc
E-mail: jcp@iap.org
-
Nov 14, 2019 News!
Vol 14, No 11 has been published with online version [Click]
-
Mar 20, 2020 News!
Vol 15, No 2 has been published with online version [Click]
-
Dec 16, 2019 News!
Vol 14, No 12 has been published with online version [Click]
-
Sep 16, 2019 News!
Vol 14, No 9 has been published with online version [Click]
-
Aug 16, 2019 News!
Vol 14, No 8 has been published with online version [Click]
- Read more>>