Review of USB Device Security Technology

Abstract

Abstract: The emergence of the USB (universal serial bus) interface has brought convenience to users. However, the convenience and the use of extensive make it one of the attackers targets. Common USB attacks include USB ferry attacks and USB HID attacks. This paper analyzes several common USB attacks, summarizes the detection and protection techniques for USB attacks at home and abroad. At the same time, this paper analyzes the advantages and disadvantages of each protection technique. In the end, combined with various protection techniques, we propose protection strategies against USB attacks and future development directions.

Key words: USB (universal serial bus) device security, USB attack, USB composite device, malicious USB device, peripheral equipment

摘要： 通用串行总线(universal serial bus, USB)接口的出现为用户带来了便利，但也正由于它的便利性、使用广泛性使得其成为攻击者的攻击目标之一.常见的USB攻击主要有USB摆渡攻击和USB HID攻击.从USB攻击技术出发，分析了几种常见的USB攻击技术的原理，着重总结整理了国内外针对USB攻击的检测防护技术，并分析了各防护技术的优劣，同时，结合各防护技术提出了应对USB攻击的防护策略及未来的发展方向.

关键词: USB设备安全, USB攻击, USB复合设备, 恶意USB设备, 外设

吕志强薛亚楠张宁陆云. USB设备安全技术研究综述[J]. 信息安全研究, 2018, 4(7): 639-645.

References

［1］蒋平, 李冬静. 信息对抗［M］. 北京: 清华大学出版社, 2007 ［2］USB Implementers Forum, Inc. Universal Serial Bus Revision 3.2 Specification［S/OL］. (2017-09-22)［2018-03-25］. http://www.usb.org/developers/docs/ ［3］USB Implementers Forum, Inc. Universal Serial Bus Revision 2.0 Specification［S/OL］. (2000-04-27)［2018-03-25］. http://www.usb.org/developers/docs/usb20_docs/ ［4］姜建国, 常子敬, 吕志强, 等. USB HID攻击与防护技术综述［J］. 信息安全研究, 2017, 3(2): 129138 ［5］熊玉朋, 陈兴欣, 庞俊锐. 一种新型移动保密存储设备［J］. 现代电子技术, 2010, 33(5): 8991 ［6］Larimer J. USB autorun attacks against linux［OL］. (2011-04-09)［2018-03-25］. http://anti-reversing.com/Downloads/HES_2011_Presentations/USB%20Autorun%20attacks%20against%20Linux%20-%20Jon%20Larimer.pdf ［7］微软大中华区安全组. 应对AutoRun的威胁环境，Windows做出改动［EB/OL］. (2009-04-30)［2018-03-25］. https://blogs.technet.microsoft.com/gcrsec/2009/04/30/autorun-windows/ ［8］Chen T M, Abu-Nimeh S. Lessons from stuxnet［J］. Computer, 2011, 44(4): 9193 ［9］谢嘉辰, 李新明. 震网病毒剖析［C］ //全国电子信息技术与应用学术会议论文集. 武汉: 美国科研出版社, 2011: 195199 ［10］吕志强, 刘喆, 常子敬, 等. 恶意USB设备攻击与防护技术研究［J］. 信息安全研究, 2016, 2(2): 150158 ［11］钱豪. USB设备枚举过程及代码设计［J］. 电脑知识与技术, 2010, 6(19): 52695272 ［12］Rushing R. USB HID: The hacking interface design［OL］. (2010-07-29)［2018-03-25］. https://media.blackhat.com/bh-us-10/presentations/Rushing/BlackHat-USA-2010-Rushing-USB-HID-slides.pdf ［13］Adrian C. Programmable HID USB keyboard/mouse dongle for pen-testing［OL］. 2011 ［2018-03-25］. https://archive.org/details/sc2011_Malicious_USB_Devices ［14］Hesseldahl A. You won’t believe all the crazy hardware the NSA uses for spying［N/OL］. All Things Digital, (2013-12-30)［2018-03-26］. http://allthingsd.com/20131230/you-wont-believe-all-the-crazy-hardware-the-nsa-uses-for-spying/ ［15］Schneier B. COTTONMOUTH-II: NSA exploit of the day［EB/OL］. (2014-03-06)［2018-03-26］. https://www.schneier.com/blog/archives/2014/03/cottonmouth-ii.html［16］Schneier B. COTTONMOUTH-III: NSA exploit of the day［EB/OL］. (2014-03-07)［2018-03-26］. https://www.schneier.com/blog/archives/2014/03/cottonmouth-iii.html［17］Nohl K, Lell J. BadUSB: On accessories that turn evil［OL］. (2014-08-07)［2018-03-25］. http://files.meetup.com/18709783/SRLabs-BadUSB-BlackHat-v1.pdf ［18］Ary B. 中国烧鹅系列：利用烧鹅自动获得反弹SHELL［EB/OL］. (2015-05-21)［2018-03-26］. http://www.freebuf.com/articles/67931.html ［19］Guri M, Monitz M, Elovici Y. USBee: Air-gap covert-channel via electromagnetic emission from USB［C］ //Proc of PST2017. Piscataway, NJ: IEEE, 2017: 264268 ［20］Williams M, Stanley R. If you give a mouse a microchip, it will execute a payload and cheat at your high-stakes video game tournament［OL］. (2017-07-29)［2018-03-25］. https://www.defcon.org/html/defcon-25/dc-25-speakers.html#Williams ［21］Micro T. USB malware implicated in fileless attacks［EB/OL］. (2017-08-30)［2018-03-26］. https://blog.trendmicro.com/trendlabs-security-intelligence/usb-malware-implicated-fileless-attacks/ ［22］Cimpanu C. It’s 2018 and you can still pown your linux box by plugging in a USB stick［EB/OL］. (2018-02-12)［2018-03-27］. https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/ ［23］张赟, 蔡皖东, 王玥. 基于IRP拦截技术的USB设备监控系统［J］. 微电子学与计算机, 2005, 22(12): 179183 ［24］李锦山, 舒辉, 董卫宇, 等. 基于驱动层的USB存储设备安全监控技术［J］. 计算机工程, 2008, 34(8): 255257 ［25］Gao T, Ding Y W, Dai S C. Research of access control of USB storage device with information security in unauthorized internet access monitoring system［C］ //Proc of Int Conf on Computational Intelligence and Software Engineering. Piscataway, NJ: IEEE, 2009: 15 ［26］卢志刚, 刘建华, 刘宝旭, 等. 基于HID的USB监控技术的设计与实现［J］. 计算机工程, 2010, 36(4): 13 ［27］Wang Z, Johnson R, Stavrou A. Attestation & authentication for USB communications［C］ //Proc of the 6th IEEE Int Conf on Software Security and Reliability Companion. Los Alamitos. CA: IEEE Computer Society, 2012: 4344 ［28］Desplanques F, Jeanne G. Attacks using malicious devices a way to protect yourself against physical access［OL］. 2013 ［2018-03-25］. https://ensiwiki.ensimag.fr/images/3/3a/SecurIMAG-2013-07-18-Attacks_Using_Malicious_Devices-Fran%C3%A7ois_Desplanques-Guillaume_Jeanne.pdf ［29］Schumilo S, Spenneberg R. Don’t trust your USB! How to find bugs in USB device drivers［OL］. (2014-10-16)［2018-03-25］. https://www.blackhat.com/docs/eu-14/materials/eu-14-Schumilo-Dont-Trust-Your-USB-How-To-Find-Bugs-In-USB-Device-Drivers-wp.pdf ［30］Tian D J, Bates A, Butler K. Defending against malicious USB firmware with GoodUSB［C］ //Proc of Computer Security Applications Conf. New York: ACM, 2015: 261270 ［31］Kang M, Saiedian H. USBWall: A novel security mechanism to protect against maliciously reprogrammed USB devices［J］. Information Security Journal A Global Perspective, 2015, 26(365): 120 ［32］Griscioli F, Pizzonia M, Sacchetti M. USBCheckIn: Preventing BadUSB attacks by forcing human-device interaction［C］ //Proc of PST2017. Piscataway, NJ: IEEE, 2017: 493496 ［33］常子敬. USB设备攻击与检测技术研究与实现［D］. 北京：中国科学院大学, 2017 ［34］Fu J, Huang J, Zhang L. Curtain: Keep your hosts away from USB attacks［C］ //Proc of Int Conf on Information Security. Berlin: Springer, 2017: 455471