Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices
Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-03-01
|
| Series: | Journal of Sensor and Actuator Networks |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2224-2708/10/1/19 |
| _version_ | 1827604240259874816 |
|---|---|
| author | José Oliveira Pedro Pinto Henrique Santos |
| author_facet | José Oliveira Pedro Pinto Henrique Santos |
| author_sort | José Oliveira |
| collection | DOAJ |
| description | Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection. |
| first_indexed | 2024-03-09T05:56:14Z |
| format | Article |
| id | doaj.art-62bc328be6c84dbd857fd8b8c18c3ad7 |
| institution | Directory Open Access Journal |
| issn | 2224-2708 |
| language | English |
| last_indexed | 2024-03-09T05:56:14Z |
| publishDate | 2021-03-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Journal of Sensor and Actuator Networks |
| spelling | doaj.art-62bc328be6c84dbd857fd8b8c18c3ad72023-12-03T12:13:39ZengMDPI AGJournal of Sensor and Actuator Networks2224-27082021-03-011011910.3390/jsan10010019Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB DevicesJosé Oliveira0Pedro Pinto1Henrique Santos2Instituto Politécnico de Viana do Castelo, 4900-347 Viana do Castelo, PortugalInstituto Politécnico de Viana do Castelo, 4900-347 Viana do Castelo, PortugalDepartment of Information Systems, Universidade do Minho, 4800-058 Guimarães, PortugalCyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection.https://www.mdpi.com/2224-2708/10/1/19USBthreat assessmentBadUSB attackHIDdistributed architecture |
| spellingShingle | José Oliveira Pedro Pinto Henrique Santos Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices Journal of Sensor and Actuator Networks USB threat assessment BadUSB attack HID distributed architecture |
| title | Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices |
| title_full | Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices |
| title_fullStr | Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices |
| title_full_unstemmed | Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices |
| title_short | Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices |
| title_sort | distributed architecture to enhance systems protection against unauthorized activity via usb devices |
| topic | USB threat assessment BadUSB attack HID distributed architecture |
| url | https://www.mdpi.com/2224-2708/10/1/19 |
| work_keys_str_mv | AT joseoliveira distributedarchitecturetoenhancesystemsprotectionagainstunauthorizedactivityviausbdevices AT pedropinto distributedarchitecturetoenhancesystemsprotectionagainstunauthorizedactivityviausbdevices AT henriquesantos distributedarchitecturetoenhancesystemsprotectionagainstunauthorizedactivityviausbdevices |