{"title":"基于标准描述符和动态密钥特征的APT恶意USB存储设备检测","authors":"Hung-Chang Chang","doi":"10.1109/AsiaJCIS.2017.22","DOIUrl":null,"url":null,"abstract":"Advanced persistent threats (APTs) are a type of attack that critically threaten a number of corporations. With advances in information technology, attack methods have evolved from social engineering and e-mail methods to simulated human interface device attacks, which have remained undetectable by intrusion detection systems. Teensy was initially designed as a hardware device for legitimate applications, but because it enables the control of computers through a simulated keyboard or mouse-style pointing device, certain parties have utilized it as a malicious APT device to control computers for illegitimate uses. This study proposed a method based on the characteristics of Universal Serial Bus (USB) standard descriptors and dynamic key characteristics to detect malicious USB devices. This method is capable of successfully detecting malicious USB devices and defending against malicious USB attacks.","PeriodicalId":108636,"journal":{"name":"2017 12th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"104 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Based on Standard Descriptors and Dynamic Key Features to Detect Malicious USB Storage Devices in APT\",\"authors\":\"Hung-Chang Chang\",\"doi\":\"10.1109/AsiaJCIS.2017.22\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advanced persistent threats (APTs) are a type of attack that critically threaten a number of corporations. With advances in information technology, attack methods have evolved from social engineering and e-mail methods to simulated human interface device attacks, which have remained undetectable by intrusion detection systems. Teensy was initially designed as a hardware device for legitimate applications, but because it enables the control of computers through a simulated keyboard or mouse-style pointing device, certain parties have utilized it as a malicious APT device to control computers for illegitimate uses. This study proposed a method based on the characteristics of Universal Serial Bus (USB) standard descriptors and dynamic key characteristics to detect malicious USB devices. This method is capable of successfully detecting malicious USB devices and defending against malicious USB attacks.\",\"PeriodicalId\":108636,\"journal\":{\"name\":\"2017 12th Asia Joint Conference on Information Security (AsiaJCIS)\",\"volume\":\"104 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 12th Asia Joint Conference on Information Security (AsiaJCIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AsiaJCIS.2017.22\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 12th Asia Joint Conference on Information Security (AsiaJCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AsiaJCIS.2017.22","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Based on Standard Descriptors and Dynamic Key Features to Detect Malicious USB Storage Devices in APT
Advanced persistent threats (APTs) are a type of attack that critically threaten a number of corporations. With advances in information technology, attack methods have evolved from social engineering and e-mail methods to simulated human interface device attacks, which have remained undetectable by intrusion detection systems. Teensy was initially designed as a hardware device for legitimate applications, but because it enables the control of computers through a simulated keyboard or mouse-style pointing device, certain parties have utilized it as a malicious APT device to control computers for illegitimate uses. This study proposed a method based on the characteristics of Universal Serial Bus (USB) standard descriptors and dynamic key characteristics to detect malicious USB devices. This method is capable of successfully detecting malicious USB devices and defending against malicious USB attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
