USBCheckIn: Preventing BadUSB attacks by forcing human-device interaction
Autor: | Federico Griscioli, Maurizio Pizzonia, Marco Sacchetti |
---|---|
Přispěvatelé: | HOSSEIN SARRAFZADEH, Griscioli, Federico, Pizzonia, Maurizio, Sacchetti, Marco |
Jazyk: | angličtina |
Rok vydání: | 2016 |
Předmět: |
Forcing (recursion theory)
business.industry Computer science Firmware 020209 energy Authorization 02 engineering and technology USB computer.software_genre law.invention eXtensible Host Controller Interface (xHCI) Ask price law Embedded system USB hub 0202 electrical engineering electronic engineering information engineering business Host (network) computer Computer hardware |
Zdroj: | PST |
Popis: | The BadUSB attack leverages the modification of firmware of USB devices in order to mimic the behaviour of a keyboard or a mouse and send malicious commands to the host. This is a new and dreadful threat for any organization. Current countermeasures either require special USB devices or ask the user to decide if the device can be used. We propose a new approach that, before allowing the device to be used, forces the user to interact with it physically, to ensure that a real human-interface device is attached. Our implementation is hardware-based and, hence, can be used with any host, comprising embedded devices, and also during boot, i.e., before any operating system is running. Our approach does not require any special feature from USB devices. |
Databáze: | OpenAIRE |
Externí odkaz: |