Case Study of Data Leakage Through Keylogger and Through a Cov-ert Channel in IP Protocol, And the Potential Size of the Leakage

Abstract

The threats surrounding computer data are still growing with network and technical progress around the world, and in parallel; there has been an increased interest in the security of computer data and maintaining the privacy of data transmitted over the network. Leakage of user data is a serious security threat due to the disclosure of the privacy of data that may be confidential and should only be viewed by authorized parties. With the emergence of covert channels, the risk of data leakage increased even more due to the ability of these channels to leak data in a hidden way that is difficult to detect, as these channels depend on the basis of their work to hide themselves. In this research, a network application was developed that eavesdrops on the user's keyboard (Keylogger), and leaks the characters that the user has pressed, by designing a covert channel represented by the TTL field of the IP protocol, and clarifying how this channel works, and the amount of data that will be leaked through this field only.