USB HID攻击与防护技术综述

摘要/Abstract

摘要： USB HID攻击技术是近年来新兴的一种恶意硬件攻击技术，利用USB HID协议漏洞伪造用户击键内容获取控制权限.这种技术将恶意代码隐藏在芯片固件内，现有的反病毒软件和入侵检测系统无法防御.而且它发展迅速，波及范围广，已经严重威胁到了用户的隐私安全.从USB协议层面分析了这种攻击技术的原理，并总结整理了这种技术自出现以来至今的发展历程.并且对比分析现有防护技术优劣，并由此讨论了未来安全体系应对恶意硬件的防护策略.

关键词: USB HID设备, 攻击与防护, 恶意硬件, USB枚举, 主动认证, 隐私保护

Abstract: A novel USB attack technology called USB HID attack is emerging, which is an attack using USB HID protocol vulnerabilities. This technology will hide malicious code in the chip firmware, so that it cannot be detected by existing antivirus software and intrusion detection systems. It has been a serious threat to the security of users privacy due to rapid spread and extreme destruction. This paper analyzes the principle of this attack technology from USB protocol level, and summarizes the development of this technology since its emergence. Moreover, this paper compares the advantages and disadvantages of the existing protection technology. Finally, this paper discusses how the future security system deals with malicious hardware.

Key words: USB HID device, attack and defense, malicious hardware, USB enumeration, active authentication, privacy protection

姜建国. USB HID攻击与防护技术综述[J]. 信息安全研究, 2017, 3(2): 129-138.

参考文献

［1］Chen T M, AbuNimeh S. Lessons from Stuxnet［J］. Computer, 2011, 44(4): 9193［2］Orrey K. A survey of USB exploit mechanisms, profiling Stuxnet and the possible adaptive measures that could have made it more effective［R］. Bristol, UK: Vulnerability Assessment, 2011［3］Forum U I. USB Class Codes［EBOL］. (20151105) ［20151220］. http:www.usb.orgdevelopersdefined_class#BaseClass0Fh［4］Forum U I. Universal Serial Bus HID Usage Tables［SOL］. 2004 ［20151220］. http:www.usb.org［5］刘荣. 圈圈教你玩USB［M］. 2版. 北京: 北京航空航天大学出版社, 2013: 10155［6］Forum U I. Universal Serial Bus Device Class Definition for Human Interface Devices (HID)［SOL］. 2001 ［20151220］. http:www.usb.org［7］Forum U I. Universal Serial Bus Specification Revision 2.0［SOL］. 2000 ［20151220］. http:www.usb.org［8］Weis S. Protecting data inuse from firmware and physical attacks［R］. Las Vegas: BlackHat USA, 2014［9］Pisani J, Carugati P, Rushing R. USBHID hacker interface design［R］. Las Vegas: BlackHat USA, 2010［10］Rabbit_Run. BadUSB的前世今生: USB rubber ducky和teensy USB［EBOL］. (20141017) ［20151220］. http:www.freebuf.comtools47411.html［11］Schumilo S, Spenneberg R, Schwartke H. Dont trust your USB! How to find bugs in USB device drivers［R］. Amsterdam: BlackHat Europe, 2014［12］Wang Zhaohui, Stavrou A. Exploiting smartphone USB connectivity for fun and profit［C］ Proc of the 26th Annual Computer Security Applications Conf (ACSAC 2010). New York: ACM, 2010: 357366［13］Adrian C. Plug and prey: Malicious USB devices［JOL］. 2011 ［20120302］. http:www.irongeek.comdownloadsMalicious%20USB%20Devices.pdf［14］Nohl K, Lell J. BadUSB—On accessories that turn evil［R］. Las Vegas: BlackHat USA, 2014［15］Maskiewicz J, Ellis B, Mouradian J, et al. Mouse trap: Exploiting firmware updates in USB peripherals［C］ Proc of the 8th USENIX Workshop on Offensive Technologies (WOOT 14). Berkeley: UESNIX Association, 2014: 110［16］Brocker M, Checkoway S. iSeeYou: Disabling the MacBook webcam indicator LED［C］ Proc of USENIX Conf on Security Symp. Berkeley: UESNIX Association, 2014: 337352［17］Tzokatziou G, Maglaras L, Janicke H, et al. Exploiting SCADA vulnerabilities using a human interface device［J］. International Journal of Advanced Computer Science & Applications, 2015, 6(7): 234241［18］吕志强, 刘喆, 常子敬, 等. 恶意USB设备攻击与防护技术研究［J］. 信息安全研究, 2016, 2(2): 150158［19］Wang Zhaohui, Johnson R, Stavrou A. Attestation & authentication for USB communications［C］ Proc of the 6th IEEE Int Conf on Software Security and Reliability Companion (SEREC). Washington, DC: IEEE Computer Society, 2012: 4344［20］Barbhuiya F A, Saikia T, Nandi S. An anomaly based approach for HID attack detection using keystroke dynamics［M］ Cyberspace Safety and Security. Berlin: Springer, 2012: 139152［21］Jeanne G, Desplanques F. Attacks using malicious devices: A way to protect yourself against physical access［C］ Proc of the 2nd Int Symp on Research in GreyHat Hacking. Berlin: Springer, 2013: 130137［22］Kang M. USBWall: A novel security mechanism to protect against maliciously reprogrammed USB devices［D］. Lawrence: University of Kansas, 2015［23］Lee B, Lee J H. Blockchainbased secure firmware update for embedded devices in an Internet of things environment［J］. Journal of Supercomputing, 2016, 72(9): 116［24］Tian Jing, Bates A, Butler K. Defending against malicious USB firmware with GoodUSB［C］ Proc of the Computer Security Applications Conf. New York: ACM, 2015: 261270［25］Sebastian P, Jan G. A honeypot for arbitrary malware on USB storage devices［C］ Proc of the 7th Int Conf on Risk and Security of Internet and Systems. Washington, DC: IEEE Computer Society, 2012: 18［26］Provos N. A virtual honeypot framework［C］ Proc of USENIX Security Symp. Berkeley: UESNIX Association, 2004: 114［27］Angel S, Wahby R S, Howald M, et al. Defending against malicious peripherals with Cinch［C］ Proc of USENIX Security Symp. Berkeley: UESNIX Association, 2016: 396414［28］Guidorizzi R P. Security: Active authentication［J］. It Professional, 2013, 15(4): 47［29］Fridman A, Stolerman A, Acharya S, et al. Decision Fusion for multimodal active authentication［J］. It Professional, 2013, 15(4): 2933［30］Li Fudong, Clarke N, Papadaki M, et al. Active authentication for mobile devices utilising behaviour profiling［J］. International Journal of Information Security, 2014, 13(3): 229244

[1]	魏国富石英村. 人工智能数据安全治理与技术发展概述?[J]. 信息安全研究, 2021, 7(2): 110-119.
[2]	赵剑董文华安天博匡哲君史丽娟徐大伟. 面向医疗隐私保护的双区块链模型研究[J]. 信息安全研究, 2021, 7(2): 136-144.
[3]	仲蓓鑫林浩孔苏鹏程实. 基于区块链技术的多源网络数据隐私保护方法[J]. 信息安全研究, 2021, 7(1): 86-89.
[4]	李俊柴海新. 生物特征识别隐私保护研究[J]. 信息安全研究, 2020, 6(7): 589-601.
[5]	梅秋丽龚自洪刘尚焱王妮娜. 区块链平台安全机制研究梅秋丽1[J]. 信息安全研究, 2020, 6(1): 25-36.
[6]	周艺华李洪明. 基于区块链的数据管理方案[J]. 信息安全研究, 2020, 6(1): 37-45.
[7]	江茜. 大数据安全审计框架及关键技术研究[J]. 信息安全研究, 2019, 5(5): 400-405.
[8]	谷勇浩郭振洋刘威歆. 匿名化隐私保护技术性能评估方法研究[J]. 信息安全研究, 2019, 5(4): 293-297.
[9]	贺铮张伟林东岱. 智能电网中无需可信第三方的隐私保护数据聚合方案[J]. 信息安全研究, 2019, 5(12): 1059-1067.
[10]	霍成义. 云计算数据隐私保护关键技术研究[J]. 信息安全研究, 2019, 5(12): 1106-1109.
[11]	李兆森杨洋. 基于国产密码算法的物联网应用研究[J]. 信息安全研究, 2019, 5(10): 924-928.
[12]	王媛媛. 云计算中用户数据隐私保护关键技术分析[J]. 信息安全研究, 2018, 4(9): 843-845.
[13]	李彬高宗宁崔苏. 基于移动终端位置的隐私泄露及隐私保护方法概述[J]. 信息安全研究, 2018, 4(8): 698-703.
[14]	潘洪志方群何昕. 一种改进的多用户多副本数据完整性验证方案[J]. 信息安全研究, 2018, 4(6): 526-532.
[15]	颜军胡静温阁田堉攀. 基于节点特征的不确定图社交网络隐私保护方法[J]. 信息安全研究, 2018, 4(6): 533-538.