TY - GEN
T1 - SoK
T2 - 39th IEEE Symposium on Security and Privacy, SP 2018
AU - Tian, Jing
AU - Scaife, Nolen
AU - Kumar, Deepak
AU - Bailey, Michael
AU - Bates, Adam
AU - Butler, Kevin
N1 - Funding Information:
ACKNOWLEDGEMENT This work is supported in part by the US National Science Foundation under grant numbers CNS-1540217, CNS-1564140, CNS-1657534, CNS-1505790, and CNS-1518741, and by the Department of Energy under award DE-OE0000780.
Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/23
Y1 - 2018/7/23
N2 - USB-based attacks have increased in complexity in recent years. Modern attacks now incorporate a wide range of attack vectors, from social engineering to signal injection. To address these challenges, the security community has responded with a growing set of fragmented defenses. In this work, we survey and categorize USB attacks and defenses, unifying observations from both peer-reviewed research and industry. Our systematization extracts offensive and defensive primitives that operate across layers of communication within the USB ecosystem. Based on our taxonomy, we discover that USB attacks often abuse the trust-by-default nature of the ecosystem, and transcend different layers within a software stack; none of the existing defenses provide a complete solution, and solutions expanding multiple layers are most effective. We then develop the first formal verification of the recently released USB Type-C Authentication specification, and uncover fundamental flaws in the specification's design. Based on the findings from our systematization, we observe that while the spec has successfully pinpointed an urgent need to solve the USB security problem, its flaws render these goals unattainable. We conclude by outlining future research directions to ensure a safer computing experience with USB.
AB - USB-based attacks have increased in complexity in recent years. Modern attacks now incorporate a wide range of attack vectors, from social engineering to signal injection. To address these challenges, the security community has responded with a growing set of fragmented defenses. In this work, we survey and categorize USB attacks and defenses, unifying observations from both peer-reviewed research and industry. Our systematization extracts offensive and defensive primitives that operate across layers of communication within the USB ecosystem. Based on our taxonomy, we discover that USB attacks often abuse the trust-by-default nature of the ecosystem, and transcend different layers within a software stack; none of the existing defenses provide a complete solution, and solutions expanding multiple layers are most effective. We then develop the first formal verification of the recently released USB Type-C Authentication specification, and uncover fundamental flaws in the specification's design. Based on the findings from our systematization, we observe that while the spec has successfully pinpointed an urgent need to solve the USB security problem, its flaws render these goals unattainable. We conclude by outlining future research directions to ensure a safer computing experience with USB.
KW - Security
KW - Type C
KW - USB
UR - http://www.scopus.com/inward/record.url?scp=85051032074&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85051032074&partnerID=8YFLogxK
U2 - 10.1109/SP.2018.00037
DO - 10.1109/SP.2018.00037
M3 - Conference contribution
AN - SCOPUS:85051032074
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 1032
EP - 1047
BT - Proceedings - 2018 IEEE Symposium on Security and Privacy, SP 2018
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 21 May 2018 through 23 May 2018
ER -