Towards Protection Against a USB Device Whose Firmware Has Been Compromised or Turned as ‘BadUSB’

  • Conference paper
Advances in Information and Communication (FICC 2019)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 70)

Abstract

A BadUSB is a Universal Serial Bus (USB) device (usually a mass storage device) whose firmware has been modified so that it presents itself as another device (such as a keyboard) in order to avoid being scanned by anti-virus software. After the infected USB device is plugged in, a pre-written script runs and simulates keystrokes from a keyboard. This can allow an attacker to install backdoors, keyloggers, password sniffers, etc. This paper attempts to solve this problem by presenting a coupled hardware-software design that gives the user an additional layer of security so that such devices can be identified and stopped.

Author information

Corresponding author

Correspondence to Usman Shafique.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Shafique, U., Zahur, S.B. (2020). Towards Protection Against a USB Device Whose Firmware Has Been Compromised or Turned as ‘BadUSB’. In: Arai, K., Bhatia, R. (eds) Advances in Information and Communication. FICC 2019. Lecture Notes in Networks and Systems, vol 70. Springer, Cham. https://doi.org/10.1007/978-3-030-12385-7_66
