3. SYSTEM ANALYSIS
The purpose of this system is to monitor user activity, detect specific events (clipboard changes, AI tool usage, suspicious key presses, etc.), and send email alerts with relevant information. Below is an in-depth analysis of the system from different perspectives:
3.1 Functional Analysis:
Core Functions:
· System Monitoring:
o Gathers essential details about the system (e.g., OS, IP addresses, hardware specs).
· Clipboard Monitoring:
o Detects changes in clipboard content, such as text copied or pasted.
· AI Tool Detection:
o Monitors processes and active windows to detect predefined keywords associated with AI tools.
· Keylogging:
o Detects specific key presses (e.g., Tab) to flag potentially suspicious activity.
· Email Notifications:
o Sends alerts containing system information, detected activity details, and screenshots using SMTP and MIME.
Event Detection Logic
· Event-based triggers initiate specific actions (e.g., sending emails, capturing screenshots).
· Multithreading ensures simultaneous detection of clipboard changes, process monitoring, and keylogging without performance bottlenecks.
User Interaction
· The system requires minimal user input:
o At setup: Entering a system identifier (e.g., student ID) and receiver's email address.
o Passive Monitoring: Operates in the background, with alerts sent automatically.
3.3 Technical Feasibility:
Programming Language: Python
Libraries like psutil, pynput, and pyperclip provide robust monitoring capabilities.
Email Transmission:
Uses SMTP with Google App Passwords for secure email notifications.
Screenshot Capturing:
Relies on the Pillow library (ImageGrab) for taking screenshots of the active screen.
Process and Window Monitoring:
psutil and win32gui enable tracking of active processes and window titles.
System Requirements
Hardware:
Moderate processing power and memory for continuous monitoring without significant system overhead.
Software:
Python 3.x and required libraries installed.
Access to the internet for sending emails and fetching public IP addresses.
Scalability
The system is suitable for single-user environments. However, scaling to multiple users requires:
Centralized logging on a server.
Real-time dashboard or alert aggregation for administrators.
3.4 Performance Analysis:
Strengths
Real-time Monitoring:
Multithreaded design ensures continuous monitoring of multiple events without blocking other tasks.
Automated Alerts:
Minimizes human intervention by sending preformatted emails with system details and activity logs.
Ease of Use:
Requires simple input (email and system ID) and operates autonomously after initialization.
Weaknesses
Resource Utilization:
Continuous monitoring (e.g., checking processes and clipboard) can increase CPU and memory usage.
Latency:
Email alerts might experience delays due to network issues or SMTP server responsiveness.
False Positives:
Monitoring clipboard and process names may flag benign activities as suspicious, leading to unnecessary alerts.
Opportunities for Improvement
Optimized Monitoring:
Use efficient polling intervals to reduce CPU usage.
Customizable Detection:
Allow users to define monitored keywords or processes dynamically.
Threats
Security Risks:
Storing credentials (even App Passwords) in plaintext poses a security risk.
Detection Evasion:
Advanced users might rename processes or use encrypted clipboard data to bypass detection.
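One way to address the plaintext-credential risk listed under Threats, as an added example that is not part of the original report: the App Password is read from the environment instead of the source file, and the alert is sent over certificate-verified STARTTLS. The environment variable names and function names are assumptions, as is the use of smtp.gmail.com on port 587 as the sending endpoint.

```python
import os
import smtplib
import ssl
from email.message import EmailMessage

# Hypothetical variable names (assumptions, not taken from the report).
ENV_USER = "MONITOR_SMTP_USER"
ENV_PASS = "MONITOR_SMTP_APP_PASSWORD"


def load_smtp_credentials(env=os.environ):
    """Return (sender, app_password) from the environment, failing closed."""
    user = env.get(ENV_USER, "").strip()
    password = env.get(ENV_PASS, "").strip()
    if not user or not password:
        # No hard-coded fallback: a missing secret stops the alert path.
        raise RuntimeError(f"set {ENV_USER} and {ENV_PASS} before starting")
    return user, password


def _one_line(text):
    """Collapse CR/LF and other whitespace so input cannot add headers."""
    return " ".join(str(text).split())


def build_alert(sender, receiver, system_id, event, screenshot_png=None):
    """Build the MIME alert; system_id is user-entered, so it is sanitized."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = receiver
    msg["Subject"] = f"[{_one_line(system_id)}] {_one_line(event)}"
    msg.set_content(f"System: {system_id}\nEvent: {event}\n")
    if screenshot_png is not None:
        msg.add_attachment(screenshot_png, maintype="image",
                           subtype="png", filename="screenshot.png")
    return msg


def send_alert(msg, host="smtp.gmail.com", port=587, env=os.environ):
    """Send over STARTTLS with certificate and hostname verification."""
    user, password = load_smtp_credentials(env)
    context = ssl.create_default_context()
    with smtplib.SMTP(host, port, timeout=15) as smtp:
        smtp.starttls(context=context)
        smtp.login(user, password)
        smtp.send_message(msg)
```

send_alert needs network access and a valid App Password, so only credential loading and message construction can be checked offline.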
3.5 Ethical and Legal Considerations:
User Consent:
Ensure the monitored user has explicitly consented to the data collection and monitoring activities.
Compliance:
Adhere to laws governing digital surveillance, such as GDPR, CCPA, and local data protection regulations.
Minimization:
Collect and store only the data necessary for the system’s functionality to avoid unnecessary privacy risks.