SandUSB: An installation-free sandbox for USB peripherals

This work investigates two emerging attacks — the Human Interface Device (HID) attack and the Juice Jacking attack — that leverage USB peripherals, and proposes countermeasures to defend against them. These attacks can be easily reproduced using low-cost IoT prototyping boards (e.g., Raspberry Pi) and can bypass commercial antivirus tools. Although several research prototypes can effectively mitigate Juice Jacking and HID attacks, these prototypes encounter two challenges with respect to deployability: 1) Some require installation on host computers, which is inconvenient, and users may lack permission to install software; 2) Some assume cryptographic keys for authentication, but such cryptographic operations may not be supported by legacy USB peripherals and hosts. To address these challenges, this paper presents the design and implementation of SandUSB, an installation-free and user-controllable security gadget for USB peripherals. Since SandUSB acts as an intermediary between the USB host and device, SandUSB can perform efficient scanning and analysis without changing USB devices or hosts. In addition, SandUSB provides a simple user interface (UI) to control and monitor connected USB devices, enabling users to identify malicious peripherals that masquerade as another type. This UI is complementary to the automatic defensive measures that SandUSB supports or cryptography-based authentication. Our evaluation demonstrates that SandUSB can effectively defend against various USB attacks, including the HID attack and Juice Jacking, using affordable and easily accessible hardware.
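The masquerading check mentioned above can be illustrated by comparing the interface classes a device declares in its configuration descriptor with the type the user believes was plugged in. This is an added example, not SandUSB's implementation; the function names, the constructed sample descriptor bytes, and taking the expected class from the user are assumptions.

```python
import struct

# USB-IF base class codes (bInterfaceClass) used by this check.
CLASS_NAMES = {0x01: "audio", 0x03: "hid", 0x07: "printer",
               0x08: "mass-storage", 0x09: "hub", 0x0E: "video"}
HID_BOOT_ROLES = {1: "keyboard", 2: "mouse"}  # bInterfaceProtocol, boot subclass

def parse_interfaces(config: bytes):
    """Return (number, class_name, hid_role) for each interface descriptor."""
    if len(config) < 9 or config[1] != 0x02:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", config, 2)[0]  # wTotalLength
    if total > len(config):
        raise ValueError("wTotalLength exceeds captured data")
    found, off = [], 0
    while off < total:
        # Every descriptor starts with bLength, bDescriptorType.
        if off + 2 > total or config[off] < 2 or off + config[off] > total:
            raise ValueError(f"malformed descriptor at offset {off}")
        blen, btype = config[off], config[off + 1]
        if btype == 0x04 and blen >= 9:  # interface descriptor
            num, _alt, _eps, cls, sub, proto = struct.unpack_from(
                "<6B", config, off + 2)
            role = HID_BOOT_ROLES.get(proto) if cls == 0x03 and sub == 1 else None
            found.append((num, CLASS_NAMES.get(cls, hex(cls)), role))
        off += blen
    return found

def unexpected_interfaces(config: bytes, expected_class: str):
    """Interfaces whose class differs from what the user says was plugged in."""
    return [i for i in parse_interfaces(config) if i[1] != expected_class]

# Constructed sample: a "flash drive" that also declares a boot keyboard.
SAMPLE = bytes.fromhex(
    "090239000201008032"   # configuration: wTotalLength=57, 2 interfaces
    "090400000208065000"   # interface 0: mass storage, SCSI, bulk-only
    "07058102000200"       # endpoint 0x81, bulk IN
    "07050202000200"       # endpoint 0x02, bulk OUT
    "090401000103010100"   # interface 1: HID, boot subclass, keyboard
    "092111010001223f00"   # HID class descriptor
    "0705830308000a"       # endpoint 0x83, interrupt IN
)

if __name__ == "__main__":
    for num, cls, role in unexpected_interfaces(SAMPLE, "mass-storage"):
        print(f"interface {num}: undeclared {cls} function ({role or 'n/a'})")
```
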