Title

The reality of risks from consented use of USB devices

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University

Faculty

Computing, Health and Science

School

Computing, Health and Science

RAS ID

4723

Comments

Originally published as: Al-Zarouni, M. (2006). The reality of risks from consented use of USB devices. Paper presented at the Proceedings of 4th Australian Information Security Management Conference. Original article available here

Abstract

Physical security is considered an integral part of information systems security. The idea that small devices pose a security threat for enterprises is well established. On the other hand, consented and supervised access to USB ports via USB flash drives is sometimes allowed. This paper will highlight the risk associated with this kind of access by devices such as IPods and USB flash drives. It will show a proof of concept USB device that runs automatically once connected to a personal computer and copies files and folders from the victim's computer to its storage and executes potentially harmful code on the computer without the user's knowledge. The paper then provides measures necessary to mitigate this type of physical attacks.

DOI

10.4225/75/57b6543434762

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b6543434762