SoK: "Plug &amp; Pray" Today – Understanding USB Insecurity in Versions 1 Through C

Tian, Jianqing; Scaife, Nolen; Kumar, Deepak; Bailey, Michael; Bates, Adam; Butler, Kevin

doi:10.1109/sp.2018.00037

Cited by 26 publications

(18 citation statements)

References 34 publications

(39 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The USB is a communication standard [11], commonly used for connecting peripherals to computers. Introduced in the 1990s, the USB interface and protocol increased in popularity because it facilitated communication between peripherals and hosts [12]. However, according to [13], one of the major weaknesses of the USB protocol is its flexibility, and potential threats increase if the device is connected to other devices, networks or the Internet [14].…”

Section: Related Workmentioning

confidence: 99%

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

Oliveira

Pinto

Santos

2021

JSAN

View full text Add to dashboard Cite

Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection.

show abstract

Section: Related Workmentioning

confidence: 99%

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

Oliveira

Pinto

Santos

2021

JSAN

View full text Add to dashboard Cite

show abstract

“…Also, Angel et al [20] proposed a virtualization-based solution, which attaches peripheral devices to a logically separate, untrusted machine. Recently, Tian et al [46] carried out a comprehensive survey on the research in USB security. The study suggests most of the USB attacks abuse the trust-by-default nature of the USB ecosystem and only a comprehensive defense solution expanding multiple layers would success in practice.…”

Section: Related Workmentioning

confidence: 99%

BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals

Diao

Zhou

et al. 2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Bluetooth is a widely used communication technology, especially under the scenarios of mobile computing and Internet of Things. Once paired with a host device, a Bluetooth device then can exchange commands and data, such as voice, keyboard/mouse inputs, network, blood pressure data, and so on, with the host. Due to the sensitivity of such data and commands, some security measures have already been built into the Bluetooth protocol, like authentication, encryption, authorization, etc. The newly discovered vulnerabilities can lead to severe attacks on user's privacy. To demonstrate the potential security implications of these vulnerabilities, we devise several concrete

show abstract

“…Tian et al [29] surveyed and categorized USB host-related attacks. On their basis, Opasiak et al [30] considered a broader spectrum of the USB-related attacks and evaluated the security of the Secure USB debugging from the USB connectivity perspective.…”

Section: Related Workmentioning

confidence: 99%

Salaxy: Enabling USB Debugging Mode Automatically to Control Android Devices

Lu¹,

Helu²,

Jin³

et al. 2019

IEEE Access

View full text Add to dashboard Cite

Android system attackers have proposed various attack schemes to invade users' privacy. One way is to use ADB (Android Debug Bridge) with advanced permissions but low protection. In order to set up an ADB connection successfully, the USB debugging option of the target device must be turned on. However, the existing ADB-based attack schemes have not proposed how to enable the USB debugging, so it couldn't be considered that their attack chain is completable. This paper presents an approach for attacking Android devices by exploiting JavaScript to enable USB debugging automatically in the device's system settings, which fills in the gaps of existing solutions. This method can bypass the security mechanism of USB debugging mode and obtain an ADB connection without the user's authorization. It can also bypass the alerts that ADB Action Monitor displays when sensitive behaviors are detected. Based on AccessibilityService, Auto.js and Scrcpy, an application called Salaxy is designed and implemented to demonstrate the effectiveness of this method. Besides, Salaxy can monitor and manipulate Android devices remotely.

show abstract

SoK: "Plug & Pray" Today – Understanding USB Insecurity in Versions 1 Through C

Cited by 26 publications

References 34 publications

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals

Salaxy: Enabling USB Debugging Mode Automatically to Control Android Devices

Contact Info

Product

Resources

About