{"title":"Based on Standard Descriptors and Dynamic Key Features to Detect Malicious USB Storage Devices in APT","authors":"Hung-Chang Chang","doi":"10.1109/AsiaJCIS.2017.22","DOIUrl":null,"url":null,"abstract":"Advanced persistent threats (APTs) are a type of attack that critically threaten a number of corporations. With advances in information technology, attack methods have evolved from social engineering and e-mail methods to simulated human interface device attacks, which have remained undetectable by intrusion detection systems. Teensy was initially designed as a hardware device for legitimate applications, but because it enables the control of computers through a simulated keyboard or mouse-style pointing device, certain parties have utilized it as a malicious APT device to control computers for illegitimate uses. This study proposed a method based on the characteristics of Universal Serial Bus (USB) standard descriptors and dynamic key characteristics to detect malicious USB devices. This method is capable of successfully detecting malicious USB devices and defending against malicious USB attacks.","PeriodicalId":108636,"journal":{"name":"2017 12th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"104 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 12th Asia Joint Conference on Information Security (AsiaJCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AsiaJCIS.2017.22","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Advanced persistent threats (APTs) are a type of attack that critically threaten a number of corporations. With advances in information technology, attack methods have evolved from social engineering and e-mail methods to simulated human interface device attacks, which have remained undetectable by intrusion detection systems. Teensy was initially designed as a hardware device for legitimate applications, but because it enables the control of computers through a simulated keyboard or mouse-style pointing device, certain parties have utilized it as a malicious APT device to control computers for illegitimate uses. This study proposed a method based on the characteristics of Universal Serial Bus (USB) standard descriptors and dynamic key characteristics to detect malicious USB devices. This method is capable of successfully detecting malicious USB devices and defending against malicious USB attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
