In this work a countermeasure scheme known as an enhanced keylogging detection system using honeypot approach (EKDS) was developed for detecting keylogging attacks. A honeypot is a technology deployed to stop unauthorized access to information system. The EKDS is divided into five modules namely: The honeypot database, pre-processing and pattern extraction phase, Discretization, Classification and the Detection phase. The honeypot database was scanned with prefixspan algorithm to get patterns. The extracted patterns are passed onto the discretization phase so that we can have our data in discrete form. The data in the discretization phase was passed to the classification phase where Support Vector Machine (SVM) was used for training and the output was later optimized using Bat Algorithm. Particle swarm Optimization (PSO) was used to compare the result got from EKDS. The result obtained through accurate analysis showed that EKDS outperformed PSO in all the matrices that it was compared with. Therefore the honeypot approach has proved to be robust in solving the problem of software keylogging attacks.

Keywords: Honeypot, Keylogging, Prefix Span Algorithm, Particle Swarm Optimization, Bat Algorithm