USB packets filtering policies and an associated low-cost simulation framework

Abstract

In recent years, USB has become the most popular standard for connecting hosts and peripherals due to its plug-and-play and fast speed features. However, with the emergence of attacks such as badUSB, USB security issues become increasingly prominent. In reaction, different USB protection mechanisms have been proposed, including USB communication filtering. Nevertheless, it is worth noting that currently there is no formalised universal USB filtering strategy, and the vast majority of those filters are implemented at the OS level, leaving a part of the OS and the firmware of USB host controllers unprotected. This paper proposes flexible, formalised, universal USB filtering policies and explores the differences between filtering USB communications at the OS level and directly at the USB packet transmission level. Moreover, we address a simulation framework that can be used in the early stages of research and development to conceive and evaluate USB packet filtering policies.