Abstract
This paper is meant as an overview of malicious USB devices. The paper will first lay out a proposed set of categories for malicious USB devices, how these categories function, how they differ, and how they can be used by an attacker. Next the paper will offer information on how these threats can be technically detected and mitigated, as well as human practices that can help alleviate the threats posed by malicious USB devices.
Sections:
1. Introduction
2. Background
2.1 USB mass storage containing malware
2.2 U3 thumb drives with "evil" autorun payloads
2.3 Why this paper will focus on the last two categories
2.4 Hardware key loggers
2.5 Programmable HID USB Keyboard Dongle Devices
3. Locking down Windows and Linux against Malicious USB devices
3.1 Locking down Windows Vista and Windows 7 against Malicious USB devices
3.2 Locking down Linux using UDEV
4. Tracking and scanning for malicious USB devices in Windows environments
5. Possible extensions to the USB standards
6. Conclusions
2. Background
2.1 USB mass storage containing malware
2.2 U3 thumb drives with "evil" autorun payloads
2.3 Why this paper will focus on the last two categories
2.4 Hardware key loggers
2.5 Programmable HID USB Keyboard Dongle Devices
3. Locking down Windows and Linux against Malicious USB devices
3.1 Locking down Windows Vista and Windows 7 against Malicious USB devices
3.2 Locking down Linux using UDEV
4. Tracking and scanning for malicious USB devices in Windows environments
5. Possible extensions to the USB standards
6. Conclusions
沒有留言:
張貼留言