USBWall: A novel security mechanism to protect against maliciously reprogrammed USB devices

Abstract

ABSTRACTUniversal Serial Bus (USB) is a popular choice of interfacing computer systems with peripherals. With the increasing support of modern operating systems, it is now truly plug-and-play for most USB devices. However, this great convenience comes with a risk that can allow a device to perform arbitrary actions at any time while it is connected. Researchers have confirmed that a simple USB device such as a mass storage device can be disguised to have an additional functionality such as a keyboard. An unauthorized keyboard attachment can compromise the security of the host by allowing arbitrary keystrokes to enter the host. This undetectable threat differs from traditional virus that spreads via USB devices due to the location where it is stored and the way it behaves. We propose a novel way to protect the host via a software/hardware solution we named a USBWall. USBWall uses BeagleBone Black (BBB), a low-cost open-source computer, to act as a middleware to enumerate the devices on behalf of the host. We developed a program to assist the user to identify the risk of a device. We present a simulated USB device with malicious firmware to the USBWall. Based on the results, we confirm that using the USBWall to enumerate USB devices on behalf of the host eliminates risks to the hosts.