System Protection Agent Against
Unauthorized Activities via USB Devices

Oliveira, José Geraldo de; Frade, Miguel; Pinto, Pedro

doi:10.5220/0006708502370243

Cited by 3 publications

(5 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Acknowledgments: The authors would like to thank Miguel Frade for his contribution with the initial version of this work in [10].…”

Section: Data Availability Statement: Not Applicablementioning

confidence: 99%

“…Additional efforts have been made to allow USB devices to be mounted only after a user verification. Previous work in [10] proposed a system protection agent that blocks USB devices' installation and enables users to check and mount each device after being informed about its category. However, this proposal had the following limitations: (1) the filtering process is based on a short and less accurate vendor-defined Identifier (ID) and (2) the devices are presented to the user without any prior or distributed threat assessment.…”

Section: Introductionmentioning

confidence: 99%

“…In the previous work [10], the authors propose a system based on an agent that blocks PnP device installation on Registry and listens to OS events, waiting for device change notifications. The solution is available in [38].…”

mentioning

confidence: 99%

See 2 more Smart Citations

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

Oliveira

Pinto

Santos

2021

JSAN

Self Cite

View full text Add to dashboard Cite

Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection.

show abstract

“…Acknowledgments: The authors would like to thank Miguel Frade for his contribution with the initial version of this work in [10].…”

Section: Data Availability Statement: Not Applicablementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

Oliveira

Pinto

Santos

2021

JSAN

Self Cite

View full text Add to dashboard Cite

show abstract

“…Upon guessing the authentication key, the attacker gains access to the target device and initiates the DoS attack. Figure 18 shows the DoS attack when an infected USB dongle is employed for upgrading an infected kernel inside of the machine [83]. Such an attack may employ multiple attacking nodes, which together form a botnet.…”

Section: Pilot Implementation and Testingmentioning

confidence: 99%

A Design Approach to IoT Endpoint Security for Production Machinery Monitoring

Tedeschi

Emmanouilidis

Mehnen

et al. 2019

Sensors

View full text Add to dashboard Cite

The Internet of Things (IoT) has significant potential in upgrading legacy production machinery with monitoring capabilities to unlock new capabilities and bring economic benefits. However, the introduction of IoT at the shop floor layer exposes it to additional security risks with potentially significant adverse operational impact. This article addresses such fundamental new risks at their root by introducing a novel endpoint security-by-design approach. The approach is implemented on a widely applicable production-machinery-monitoring application by introducing real-time adaptation features for IoT device security through subsystem isolation and a dedicated lightweight authentication protocol. This paper establishes a novel viewpoint for the understanding of IoT endpoint security risks and relevant mitigation strategies and opens a new space of risk-averse designs that enable IoT benefits, while shielding operational integrity in industrial environments.

show abstract

“…Factor l corresponds to the percentage of the standard deviation used to determine the threshold for pruning. 94 83. 94.14 93.97 93.97 93.80 93.97 93.45 91.91 90.01 87.60 93.97 93.45 93.28 91.56 84.16 82.09 58.86 65.95 69.53 55.93 94.83 94.83 94.32 93.11 92.95 87.77 74.69 56.45 51.80 43.02 95.69 95.69 95.69 95.52 95.18 95.18 95.00 93.97 85.71 75.21 95.70 95.87 95.87 95.87 95.53 95.01 94.50 88.83 90.20 79.89 Evaluation of the performance for the developed architectures with the method of pruning scalar weights with retraining.…”

mentioning

confidence: 99%

Real-Time Sensor Networks and Systems for the Industrial IoT

Koulamas¹,

Lazarescu²

2020

View full text Add to dashboard Cite

He has more than 25 years of experience in R&D, in the areas of real-time distributed embedded systems, industrial networks, wireless sensor networks and their applications in industrial and building automation and the transportation and energy sectors. He is the author or co-author of more than 70 publications in international journals, conferences and books, and he has participated in numerous European and national research projects with multiple roles. He has served as a member of the board of ERCIM, as Guest Editor for MDPI journals and as PC/TPC or panel member of many IEEE and other conferences and workshops. He is an IEEE Senior Member and a member of the Technical Chamber of Greece.Mihai T. Lazarescu (M'92) received his PhD in 1998 from the Politecnico di Torino, Italy, where he serves now as Assistant Professor. He was Senior Engineer at Cadence Design Systems, working on high-level synthesis (HLS) of embedded systems; he founded several start-ups, working on real-time embedded Linux and WSN for long-term environmental monitoring; and he has participated in numerous European-and national-founded research projects on topics related to the design of ASIC, EDA for HLS and WSN hardware, software and development tools. He has authored and co-authored more than 60 scientific publications at international conferences and journals, several books and international patents. He is an IEEE Senior Member and served as Guest Editor for ACM and MDPI journals and as PC Chair for international conferences. His research interests include real-time embedded systems, low-power sensing and data processing for IoT and WSN platforms, high-level hardware/software co-design and high-level synthesis.

show abstract

System Protection Agent Against Unauthorized Activities via USB Devices

Cited by 3 publications

References 0 publications

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices

A Design Approach to IoT Endpoint Security for Production Machinery Monitoring

Real-Time Sensor Networks and Systems for the Industrial IoT

Contact Info

Product

Resources

About