{"title":"内部人员使用的USB硬件木马设备的相关风险","authors":"John Clark, Sylvain P. Leblanc, S. Knight","doi":"10.1109/SYSCON.2011.5929130","DOIUrl":null,"url":null,"abstract":"This paper extends the discussion of potential damage that can be done by Hardware Trojan Horse devices by discussing the specific risks associated with an Insider's use of such a device to circumvent established security policies, even when these are implemented with state of the art Endpoint Security Solutions. The paper argues that a specific category of Hardware Trojan Horse devices, those implemented as functional peripheral devices, are particularly dangerous when used by a malicious Insider. The research discusses the implementation of a proof of concept Hardware Trojan Horse device, implemented as a USB Human Interface Devices, that exploits unintended USB channels to exfiltrate data from a computer. The work discusses unintended USB channels, paying particular attention to the observability of the channel in operation. Various scenarios are presented to show that Hardware Trojan Horse devices implemented as peripheral devices can be used to prosecute a wide variety of attacks that are not mitigated by modern defensive techniques. The work demonstrates that a Hardware Trojan Horse device and physical access by a malicious Insider are sufficient to compromise a modern computer system. The paper argues that the study of Hardware Trojan devices must become an integral part of research on Insider Threats.","PeriodicalId":109868,"journal":{"name":"2011 IEEE International Systems Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Risks associated with USB Hardware Trojan devices used by insiders\",\"authors\":\"John Clark, Sylvain P. Leblanc, S. Knight\",\"doi\":\"10.1109/SYSCON.2011.5929130\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper extends the discussion of potential damage that can be done by Hardware Trojan Horse devices by discussing the specific risks associated with an Insider's use of such a device to circumvent established security policies, even when these are implemented with state of the art Endpoint Security Solutions. The paper argues that a specific category of Hardware Trojan Horse devices, those implemented as functional peripheral devices, are particularly dangerous when used by a malicious Insider. The research discusses the implementation of a proof of concept Hardware Trojan Horse device, implemented as a USB Human Interface Devices, that exploits unintended USB channels to exfiltrate data from a computer. The work discusses unintended USB channels, paying particular attention to the observability of the channel in operation. Various scenarios are presented to show that Hardware Trojan Horse devices implemented as peripheral devices can be used to prosecute a wide variety of attacks that are not mitigated by modern defensive techniques. The work demonstrates that a Hardware Trojan Horse device and physical access by a malicious Insider are sufficient to compromise a modern computer system. The paper argues that the study of Hardware Trojan devices must become an integral part of research on Insider Threats.\",\"PeriodicalId\":109868,\"journal\":{\"name\":\"2011 IEEE International Systems Conference\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-04-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE International Systems Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYSCON.2011.5929130\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE International Systems Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYSCON.2011.5929130","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Risks associated with USB Hardware Trojan devices used by insiders
This paper extends the discussion of potential damage that can be done by Hardware Trojan Horse devices by discussing the specific risks associated with an Insider's use of such a device to circumvent established security policies, even when these are implemented with state of the art Endpoint Security Solutions. The paper argues that a specific category of Hardware Trojan Horse devices, those implemented as functional peripheral devices, are particularly dangerous when used by a malicious Insider. The research discusses the implementation of a proof of concept Hardware Trojan Horse device, implemented as a USB Human Interface Devices, that exploits unintended USB channels to exfiltrate data from a computer. The work discusses unintended USB channels, paying particular attention to the observability of the channel in operation. Various scenarios are presented to show that Hardware Trojan Horse devices implemented as peripheral devices can be used to prosecute a wide variety of attacks that are not mitigated by modern defensive techniques. The work demonstrates that a Hardware Trojan Horse device and physical access by a malicious Insider are sufficient to compromise a modern computer system. The paper argues that the study of Hardware Trojan devices must become an integral part of research on Insider Threats.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
