Method and device for detecting malicious USB equipment

A detection method and equipment technology, applied in the field of information security, can solve the problems of threat, virus scanning mechanism cannot detect, weak hiding ability, etc., to achieve the effect of ensuring information security

Active Publication Date: 2016-06-29
HARBIN ANTIY TECH
View PDF4 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The first attack method may occur on any general-purpose USB device. The infected device cannot be found by the user as a general-purpose USB device, and the traditional virus scanning mechanism cannot detect the malicious code hidden in it, so it is extremely threatening
Although the second method is a self-made special device, its own hidden ability is weak, but the traditional virus scanning mechanism is also unable to detect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting malicious USB equipment
  • Method and device for detecting malicious USB equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The present invention provides a detection method and device embodiment of a malicious USB device, in order to enable those skilled in the art to better understand the technical solutions in the embodiment of the present invention, and to enable the above-mentioned purposes, features and advantages of the present invention to It is more obvious and easy to understand, and the technical solution in the present invention will be described in further detail below in conjunction with the accompanying drawings:

[0039] The present invention firstly provides a detection method embodiment of a malicious USB device, such as figure 1 shown, including:

[0040] S101 configures a whitelist for the USB port of the main device, the whitelist includes: the types of devices that are allowed to be accessed and the operations that are allowed to be performed by each type of device;

[0041] S102 analyzes hardware and firmware known to have security threats, and extracts feature inform...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for detecting malicious USB equipment. The method comprises the steps as follows: white list configuration is carried out on a USB port of primary equipment, wherein a white list comprises access-allowed equipment types and execution-allowed operations of the equipment types; known hardware and firmware with a security threat are analyzed; feature information is extracted and stored into a black list; when the condition that the USB equipment is accessed to the primary equipment is monitored and found, the equipment type is identified and the operation behavior is recorded; the equipment type and the operation behavior are matched with those in the white list; processing operation is carried out on the basis of the matching result; hardware information of the USB equipment is obtained and comprises main control chip information, firmware version information or storage chip information; the hardware information is matched with that in the black list; and the processing operation is carried out on the basis of the matching result. According to the technical scheme, the USB equipment for implementing an attack by known hardware bug and firmware bug can be effectively identified.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a detection method and device for a malicious USB device. Background technique [0002] Thanks to the rapid development of processor technology, mobile storage technology, and network communication technology, hardware equipment has begun to move towards the direction of diversified functions and standardized interfaces. As an external bus standard, USB is most widely used in connection and communication between various devices. Due to the standardization and versatility of the USB bus, it has also become the main medium of malicious code transmission and the main means of malicious attacks. [0003] The traditional method of using USB devices to attack is generally realized by infecting the user storage area of ​​USB devices. Nowadays, with the development of anti-virus technology and the improvement of emergency response capabilities, the way of using traditional...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/85G06F21/71
CPCG06F21/71G06F21/85
Inventor 林长伟黄显澍肖新光
Owner HARBIN ANTIY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap