# User Privacy Protection via Windows Registry Hooking and Runtime Encryption

**Authors:** Edward L. Amoruso, Richard Leinecker, Cliff C. Zou

PMC · DOI: 10.3390/s24165106 · Sensors (Basel, Switzerland) · 2024-08-06

## TL;DR

This paper introduces a method to protect user privacy by encrypting sensitive data in the Windows registry in real time, without changing the operating system or software.

## Contribution

A novel real-time encryption approach for the Windows registry using hooking and DPAPI for secure key management.

## Key findings

- The proposed system encrypts and decrypts registry data transparently using API hooking.
- The method maintains registry accessibility while enhancing security against unauthorized access.
- DPAPI is effectively used to manage encryption keys securely for each user.

## Abstract

The Windows registry contains a plethora of information in a hierarchical database. It includes system-wide settings, user preferences, installed programs, and recently accessed files and maintains timestamps that can be used to construct a detailed timeline of user activities. However, these data are unencrypted and thus vulnerable to exploitation by malicious actors who gain access to this repository. To address this security and privacy concern, we propose a novel approach that efficiently encrypts and decrypts sensitive registry data in real time. Our developed proof-of-concept program intercepts interactions between the registry’s application programming interfaces (APIs) and other Windows applications using an advanced hooking technique. This enables the proposed system to be transparent to users without requiring any changes to the operating system or installed software. Our approach also implements the data protection API (DPAPI) developed by Microsoft to securely manage each user’s encryption key. Ultimately, our research provides an enhanced security and privacy framework for the Windows registry, effectively fortifying the registry against security and privacy threats while maintaining its accessibility to legitimate users and applications.
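The data path the abstract describes (a per-user key wrapped by DPAPI, value data encrypted on write and decrypted on read), as an added PowerShell example that is not the paper's code and performs no API hooking. The cipher choice (AES-256-CBC with HMAC-SHA256), the demo key `HKCU:\Software\RegEncDemo`, the value names and the sample file path are assumptions; this summary does not state the paper's algorithm or where it stores the wrapped key.

```powershell
# Added illustration, not the paper's code. Assumed: AES-256-CBC + HMAC-SHA256,
# demo key HKCU:\Software\RegEncDemo, value names WrappedKey / RecentFile.
Add-Type -AssemblyName System.Security   # ProtectedData (DPAPI) on Windows PowerShell 5.1
$scope = [System.Security.Cryptography.DataProtectionScope]::CurrentUser
$path  = 'HKCU:\Software\RegEncDemo'
New-Item -Path $path -Force | Out-Null

# Per-user key material (32 bytes AES + 32 bytes HMAC), stored only in DPAPI-wrapped form.
$keys = New-Object byte[] 64
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($keys)
$wrapped = [System.Security.Cryptography.ProtectedData]::Protect($keys, $null, $scope)
Set-ItemProperty -Path $path -Name 'WrappedKey' -Value $wrapped -Type Binary

function Protect-RegData([string]$Plain, [byte[]]$Keys) {
    $aes = [System.Security.Cryptography.Aes]::Create()   # CBC, PKCS7, fresh random IV
    $aes.Key = [byte[]]$Keys[0..31]
    $macKey  = [byte[]]$Keys[32..63]
    $pt   = [System.Text.Encoding]::Unicode.GetBytes($Plain)
    $body = [byte[]]($aes.IV + $aes.CreateEncryptor().TransformFinalBlock($pt, 0, $pt.Length))
    $tag  = [System.Security.Cryptography.HMACSHA256]::new($macKey).ComputeHash($body)
    $aes.Dispose()
    return ,([byte[]]($body + $tag))                      # IV || ciphertext || tag
}

function Unprotect-RegData([byte[]]$Blob, [byte[]]$Keys) {
    $n = $Blob.Length
    if ($n -lt 64) { throw 'Blob too short to be an encrypted value' }
    $body   = [byte[]]$Blob[0..($n - 33)]
    $tag    = [byte[]]$Blob[($n - 32)..($n - 1)]
    $macKey = [byte[]]$Keys[32..63]
    $mac    = [System.Security.Cryptography.HMACSHA256]::new($macKey).ComputeHash($body)
    $diff = 0                                             # compare tags without early exit
    for ($i = 0; $i -lt 32; $i++) { $diff = $diff -bor ($mac[$i] -bxor $tag[$i]) }
    if ($diff -ne 0) { throw 'Registry value failed integrity check' }
    $aes = [System.Security.Cryptography.Aes]::Create()
    $aes.Key = [byte[]]$Keys[0..31]
    $aes.IV  = [byte[]]$body[0..15]
    $pt = $aes.CreateDecryptor().TransformFinalBlock($body, 16, $body.Length - 16)
    $aes.Dispose()
    return [System.Text.Encoding]::Unicode.GetString($pt)
}

# Write path: what an intercepted registry write would store in place of the plaintext.
$blob = Protect-RegData 'C:\Users\alice\Documents\payroll.xlsx' $keys   # constructed sample
Set-ItemProperty -Path $path -Name 'RecentFile' -Value $blob -Type Binary

# Read path: unwrap the key with DPAPI, verify and decrypt before handing data to the caller.
$k = [System.Security.Cryptography.ProtectedData]::Unprotect(
        (Get-ItemProperty -Path $path).WrappedKey, $null, $scope)
Unprotect-RegData ([byte[]](Get-ItemProperty -Path $path).RecentFile) $k
```

Because the wrapped key uses the `CurrentUser` scope, another account reading the same hive, or an offline copy of it, sees only the DPAPI blob and the ciphertext.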

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC11359771/full.md

## Figures

8 figures with captions in the complete paper: https://tomesphere.com/paper/PMC11359771/full.md

## References

20 references — full list in the complete paper: https://tomesphere.com/paper/PMC11359771/full.md

---
Source: https://tomesphere.com/paper/PMC11359771