Bad USB MITM: A Network Attack Based on Physical Access and Its Practical Security Solutions

Abstract

Due its universality, Universal Serial Bus (USB) has become the major connecting port of modern computers. Programmability provides convenience between hardware vendors and operating system vendors to develop their products and related firmware.  However, it leads to high risk by opening a door for a potential vulnerability. In the past three years, researchers have attempt to stop and prevent the security influence of compromised products, reported this issue and their suggestion to chips vendors, peripheral vendors and OS vendor, in order to patch up existing vulnerable device and avoid known exploits in the future. In result, none of those vendors could successfully overcome the vulnerabilities, with inactive response to either the reports by security researchers or incidents by hacker communities. Thus, third party organizations and research teams start to take over the problem of "BadUSB" and focus on discovering its solution. In this paper ,we introduce an approach to protect against BadUSB. A comparison between the presented scheme and the existing defense methods demonstrates that the presented approach outperforms the reported approaches in literature.