Please use this identifier to cite or link to this item: http://hdl.handle.net/2440/111921
Full metadata record
DC FieldValueLanguage
dc.contributor.authorSu, Y.en
dc.contributor.authorGenkin, D.en
dc.contributor.authorRanasinghe, D.en
dc.contributor.authorYarom, Y.en
dc.date.issued2017en
dc.identifier.citationProceedings of the 26th USENIX Security Symposium, 2017 / pp.1145-1161en
dc.identifier.isbn9781931971409en
dc.identifier.urihttp://hdl.handle.net/2440/111921-
dc.description.abstractThe Universal Serial Bus (USB) is the most prominent interface for connecting peripheral devices to computers. USB-connected input devices, such as keyboards, card-swipers and fingerprint readers, often send sensitive information to the computer. As such information is only sent along the communication path from the device to the computer, it was hitherto thought to be protected from potentially compromised devices outside this path. We have tested over 50 different computers and external hubs and found that over 90% of them suffer from a crosstalk leakage effect that allows malicious peripheral devices located off the communication path to capture and observe sensitive USB traffic. We also show that in many cases this crosstalk leakage can be observed on the USB power lines, thus defeating a common USB isolation countermeasure of using a charge-only USB cable which physically disconnects the USB data lines. Demonstrating the attack’s low costs and ease of concealment, we modify a novelty USB lamp to implement an off-path attack which captures and exfiltrates USB traffic when connected to a vulnerable internal or a external USB hub.en
dc.description.statementofresponsibilityYang Su, Daniel Genkin, Damith Ranasinghe, Yuval Yaromen
dc.language.isoenen
dc.publisherUSENIX Associationen
dc.rightsOpen access to the Proceedings of the 26th USENIX Security Symposium is sponsored by USENIXen
dc.source.urihttps://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/suen
dc.titleUSB snooping made easy: crosstalk leakage attacks on USB hubsen
dc.typeConference paperen
dc.identifier.rmid0030080052en
dc.contributor.conference26th USENIX Security Symposium (16 Aug 2017 - 18 Aug 2017 : Vancouver, BC, Canada)en
dc.publisher.placeBerkeley, CA, USAen
dc.relation.granthttp://purl.org/au-research/grants/arc/DP140103448en
dc.identifier.pubid390053-
pubs.library.collectionComputer Science publicationsen
pubs.library.teamDS03en
pubs.verification-statusVerifieden
pubs.publication-statusPublisheden
dc.identifier.orcidRanasinghe, D. [0000-0002-2008-9255]en
dc.identifier.orcidYarom, Y. [0000-0003-0401-4197]en
Appears in Collections:Computer Science publications

Files in This Item:
There are no files associated with this item.


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.