Visible to the public Reducing USB Attack Surface: A Lightweight Authentication and Delegation Protocol

TitleReducing USB Attack Surface: A Lightweight Authentication and Delegation Protocol
Publication TypeConference Paper
Year of Publication2018
AuthorsMahboubi, A., Camtepe, S., Morarji, H.
Conference Name2018 International Conference on Smart Computing and Electronic Enterprise (ICSCEE)
Date PublishedJuly 2018
ISBN Number978-1-5386-4838-4
KeywordsAir gaps, air-gapped networks, authentication, coloured Petri nets, Coloured Petri Nets (CPN) modelling, composability, Computational modeling, corporate network, cryptographic protocols, delegation protocol, epidemic model., Filtering, free malware equilibrium, Human Behavior, intentional piggybacking, Internet of Things (IoT), invasive software, lightweight authentication, Malware, malware infection, malware spread, Metrics, mobile device, mobile malware, network communications, Petri nets, privately owned smart device, Protocols, pubcrawl, radiofrequency identification, resilience, Resiliency, safest places, secure places, Servers, smart phones, unintentional piggybacking, Universal Serial Bus, USB attack surface, USB connection streams, USB security, USB storage

A privately owned smart device connected to a corporate network using a USB connection creates a potential channel for malware infection and its subsequent spread. For example, air-gapped (a.k.a. isolated) systems are considered to be the most secure and safest places for storing critical datasets. However, unlike network communications, USB connection streams have no authentication and filtering. Consequently, intentional or unintentional piggybacking of a malware infected USB storage or a mobile device through the air-gap is sufficient to spread infection into such systems. Our findings show that the contact rate has an exceptional impact on malware spread and destabilizing free malware equilibrium. This work proposes a USB authentication and delegation protocol based on radiofrequency identification (RFID) in order to stabilize the free malware equilibrium in air-gapped networks. The proposed protocol is modelled using Coloured Petri nets (CPN) and the model is verified and validated through CPN tools.

Citation KeymahboubiReducingUSBAttack2018