Abstract
A BadUSB is a Universal Serial Bus (USB) device (usually a mass storage device) whose firmware has been modified so that it spoofs another device (such as a keyboard) in order to avoid being scanned by anti-virus software. Once the infected USB device is plugged in, a pre-written script runs and simulates keystrokes from a keyboard. This can allow an attacker to install backdoors, keyloggers, password sniffers, etc. This paper attempts to solve this problem by presenting a hardware-software coupled design that gives the user an additional layer of security so that such devices can be identified and stopped.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Shafique, U., Zahur, S.B. (2020). Towards Protection Against a USB Device Whose Firmware Has Been Compromised or Turned as ‘BadUSB’. In: Arai, K., Bhatia, R. (eds) Advances in Information and Communication. FICC 2019. Lecture Notes in Networks and Systems, vol 70. Springer, Cham. https://doi.org/10.1007/978-3-030-12385-7_66
DOI: https://doi.org/10.1007/978-3-030-12385-7_66
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12384-0
Online ISBN: 978-3-030-12385-7
eBook Packages: Intelligent Technologies and Robotics (R0)