For my next task, I'm trying to find a way to implement a security kernel driver for microphone usage. I found several threads which talk about this, but didn't find up-do-date detailed information.
I'd like to be able to do the following:
1. Block selective applications from accessing the microphone.
2. If not possible, block all applications from using the microphone.
3. If not possible, notify the user when the microphone is being used.
From the information that I found, modern Windows versions use a memory-mapped buffer to transfer the microphone audio stream. That made me think that I might be able to control which apps are able to map the relevant buffer and access it, which will allow to implement 1. For this to work, I need to be able to identify the relevant handle, which I don't know how to do.
Another possibility that I thought of is hooking the act of writing data to the said buffer by the device driver. If I can do that, I can e.g. replace the data with silence, and by this implement 2. But unfortunately, I don't know how to approach it just yet.
Can you please shed some light on what possibilities I have?