Please use this identifier to cite or link to this item: https://doi.org/10.15480/882.1279
This item is licensed with a CreativeCommons licence https://creativecommons.org/licenses/by-nc-nd/4.0/
Title: USB devices phoning home
Language: English (United States)
Authors: Schilling, Roland 
Steinmetz, Frieder 
Keywords: USB;rogue chanel;device behavior vs. user intent
Issue Date: 9-Feb-2016
Publisher: BoD–Books on Demand
Source: 23. DFN-Konferenz "Sicherheit in vernetzten Systemen"
Abstract (english): USB is a versatile standard defining various features to allow maximum flexibility for evices. This flexibility, by design, leads to complex device configurations, combining multiple functions into one, making it impossible for users to identify the function of a device by its looks. This can be exploited by crafting programmable USB devices, looking and behaving like an ordinary flash drive that also expose virtual network devices and other functionality to their host OS. This paper outlines such a device, exploiting several USB features to establish a rogue HTTP channel used to leak data stored on the device’s disk to an internet back end. We describe the device itself and its architecture and our conclusions and methods for dealing with the issues presented in a user–friendly way.
URI: http://tubdok.tub.tuhh.de/handle/11420/1282
DOI: 10.15480/882.1279
ISBN: 9783739223131
Institute: Sicherheit in verteilten Anwendungen E-15 
Type: ResearchPaper
Appears in Collections:Publications (tub.dok)

Files in This Item:
File Description SizeFormat
paper.pdf107,17 kBAdobe PDFThumbnail
View/Open
Show full item record

Page view(s)

1,112
Last Week
0
Last month
12
checked on May 19, 2019

Download(s)

564
checked on May 19, 2019

Google ScholarTM

Check

Export

This item is licensed under a Creative Commons License Creative Commons