USB-based attacks

Nir Nissim; Ran Yahalom; Yuval Elovici

doi:10.1016/j.cose.2017.08.002

USB-based attacks

Nir Nissim, Ran Yahalom, Yuval Elovici

Department of Software and Information Systems Engineering

Ben-Gurion University of the Negev

Research output: Contribution to journal › Review article › peer-review

Abstract

Attackers increasingly take advantage of innocent users who tend to use USB peripherals casually, assuming these peripherals are benign when in fact they may carry an embedded malicious payload that can be used to launch attacks. In recent years, USB peripherals have become an attractive tool for launching cyber-attacks. In this survey, we review 29 different USB-based attacks and utilize our new taxonomy to classify them into four major categories. These attacks target both individuals and organizations; utilize widely used USB peripherals, such as keyboards, mice, flash drives, smartphones etc. For each attack, we address the objective it achieves and identify the associated and vulnerable USB peripherals and hardware.

Original language	American English
Pages (from-to)	675-688
Number of pages	14
Journal	Computers and Security
Volume	70
DOIs	https://doi.org/10.1016/j.cose.2017.08.002
State	Published - 1 Sep 2017

Keywords

Attack
Device
Malicious
Malware
USB

All Science Journal Classification (ASJC) codes

General Computer Science
Law

Access to Document

10.1016/j.cose.2017.08.002

Cite this

@article{7d6e0c9aa28c4187b8a0644316511da1,

title = "USB-based attacks",

abstract = "Attackers increasingly take advantage of innocent users who tend to use USB peripherals casually, assuming these peripherals are benign when in fact they may carry an embedded malicious payload that can be used to launch attacks. In recent years, USB peripherals have become an attractive tool for launching cyber-attacks. In this survey, we review 29 different USB-based attacks and utilize our new taxonomy to classify them into four major categories. These attacks target both individuals and organizations; utilize widely used USB peripherals, such as keyboards, mice, flash drives, smartphones etc. For each attack, we address the objective it achieves and identify the associated and vulnerable USB peripherals and hardware.",

keywords = "Attack, Device, Malicious, Malware, USB",

author = "Nir Nissim and Ran Yahalom and Yuval Elovici",

note = "Publisher Copyright: {\textcopyright} 2017 Elsevier Ltd",

year = "2017",

month = sep,

day = "1",

doi = "10.1016/j.cose.2017.08.002",

language = "American English",

volume = "70",

pages = "675--688",

journal = "Computers and Security",

issn = "0167-4048",

publisher = "Elsevier Ltd.",

}

TY - JOUR

T1 - USB-based attacks

AU - Nissim, Nir

AU - Yahalom, Ran

AU - Elovici, Yuval

PY - 2017/9/1

Y1 - 2017/9/1

N2 - Attackers increasingly take advantage of innocent users who tend to use USB peripherals casually, assuming these peripherals are benign when in fact they may carry an embedded malicious payload that can be used to launch attacks. In recent years, USB peripherals have become an attractive tool for launching cyber-attacks. In this survey, we review 29 different USB-based attacks and utilize our new taxonomy to classify them into four major categories. These attacks target both individuals and organizations; utilize widely used USB peripherals, such as keyboards, mice, flash drives, smartphones etc. For each attack, we address the objective it achieves and identify the associated and vulnerable USB peripherals and hardware.

AB - Attackers increasingly take advantage of innocent users who tend to use USB peripherals casually, assuming these peripherals are benign when in fact they may carry an embedded malicious payload that can be used to launch attacks. In recent years, USB peripherals have become an attractive tool for launching cyber-attacks. In this survey, we review 29 different USB-based attacks and utilize our new taxonomy to classify them into four major categories. These attacks target both individuals and organizations; utilize widely used USB peripherals, such as keyboards, mice, flash drives, smartphones etc. For each attack, we address the objective it achieves and identify the associated and vulnerable USB peripherals and hardware.

KW - Attack

KW - Device

KW - Malicious

KW - Malware

KW - USB

UR - http://www.scopus.com/inward/record.url?scp=85028880733&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2017.08.002

DO - 10.1016/j.cose.2017.08.002

M3 - Review article

SN - 0167-4048

VL - 70

SP - 675

EP - 688

JO - Computers and Security

JF - Computers and Security

ER -

USB-based attacks

Abstract

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this