The reality of risks from consented use of USB devices
Document Type
Conference Proceeding
Publisher
School of Computer and Information Science, Edith Cowan University
Faculty
Faculty of Computing, Health and Science
School
School of Computing, Health and Science
RAS ID
4723
Abstract
Physical security is considered an integral part of information systems security. The idea that small devices pose a security threat for enterprises is well established. On the other hand, consented and supervised access to USB ports via USB flash drives is sometimes allowed. This paper will highlight the risk associated with this kind of access by devices such as IPods and USB flash drives. It will show a proof of concept USB device that runs automatically once connected to a personal computer and copies files and folders from the victim's computer to its storage and executes potentially harmful code on the computer without the user's knowledge. The paper then provides measures necessary to mitigate this type of physical attacks.
DOI
10.4225/75/57b6543434762
Access Rights
free_to_read
Comments
Al-Zarouni, M. (2006). The reality of risks from consented use of USB devices. Paper presented at the Proceedings of 4th Australian Information Security Management Conference. Available here