Distributed architecture to enhance systems protection against unauthorized activity via USB devices
Main author: | |
---|---|
Publication date: | 2021 |
Other authors: | , |
Document type: | Article |
Language: | eng |
Source title: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Full text: | http://hdl.handle.net/1822/72633 |
Abstract: | Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: physical blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection. |
id |
RCAP_bb8234bcb613aef2fd84b33097c747db |
---|---|
oai_identifier_str |
oai:repositorium.sdum.uminho.pt:1822/72633 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
dc.title.none.fl_str_mv |
Distributed architecture to enhance systems protection against unauthorized activity via USB devices |
author |
Oliveira, José |
author_facet |
Oliveira, José Pinto, Pedro Santos, Henrique |
author_role |
author |
author2 |
Pinto, Pedro Santos, Henrique |
author2_role |
author author |
dc.contributor.none.fl_str_mv |
Universidade do Minho |
dc.contributor.author.fl_str_mv |
Oliveira, José Pinto, Pedro Santos, Henrique |
dc.subject.por.fl_str_mv |
USB Threat assessment BadUSB attack HID Distributed architecture Science & Technology |
topic |
USB Threat assessment BadUSB attack HID Distributed architecture Science & Technology |
publishDate |
2021 |
dc.date.none.fl_str_mv |
2021-03-02 2021-03-02T00:00:00Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/1822/72633 |
url |
http://hdl.handle.net/1822/72633 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
Oliveira, J.; Pinto, P.; Santos, H. Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices. J. Sens. Actuator Netw. 2021, 10, 19. https://doi.org/10.3390/jsan10010019 2224-2708 10.3390/jsan10010019 https://www.mdpi.com/2224-2708/10/1/19 |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
Multidisciplinary Digital Publishing Institute (MDPI) |
publisher.none.fl_str_mv |
Multidisciplinary Digital Publishing Institute (MDPI) |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799133018608107520 |