Title :
Hardware Trojan Horse Device Based on Unintended USB Channels
Author :
Clark, John ; Leblanc, Sylvain ; Knight, Scott
Author_Institution :
Electr. & Comput. Eng. Dept., R. Mil. Coll. of Canada, Kingston, ON, Canada
Abstract :
This paper discusses research activities that investigated the risk associated with USB devices. The research focused on identifying, characterizing and modelling unintended USB channels in contemporary computer systems. Such unintended channels can be used by a USB hardware Trojan horse device to create two way communications with a targeted network endpoint, thus violating the integrity and confidentiality of the data residing on the endpoint. The work was validated through the design and implementation of a proof of concept hardware Trojan horse device that uses two such unintended USB channels to successfully interact with a target network endpoint to compromise and exfiltrate data from it.
Keywords :
data integrity; invasive software; peripheral interfaces; USB hardware Trojan horse device; contemporary computer system; data confidentiality violation; data exfiltration; data integrity violation; target network interaction; unintended USB device channel; Communication system security; Computer networks; Computer security; Hardware; Humans; Invasive software; Keyboards; Military computing; Protocols; Universal Serial Bus; Hardware Trojan Horse Device; Unintended USB Channel;
Conference_Titel :
Network and System Security, 2009. NSS '09. Third International Conference on
Conference_Location :
Gold Coast, QLD
Print_ISBN :
978-1-4244-5087-9
Electronic_ISBN :
978-0-7695-3838-9
DOI :
10.1109/NSS.2009.48
