
Enhanced Universal Serial Bus Security Through Fingerprinting Unique Signal Properties

IP.com Disclosure Number: IPCOM000206425D
Publication Date: 2011-Apr-25
Document File: 2 page(s) / 20K

Publishing Venue

The IP.com Prior Art Database

Abstract

A system for enhancing the security of the USB protocol by capturing the unique analog signal properties of an attached device and storing them for later comparison as a fingerprint for that device.

This is the abbreviated version, containing approximately 51% of the total text.

Disclosed is a system of hardware and software that examines the unique signal properties sent by a locally attached device and compares them to a baseline set of properties stored as a "fingerprint" for that device.

This system addresses the security issues caused by the inherently trusting nature of the Universal Serial Bus (USB) protocol. When a USB device is plugged into a host, the host asks the device for unique identifier information and then trusts the device's response. This inherent trust leaves the host vulnerable: an attacker could replace an input device, such as a keyboard, with an input device they can monitor or control, for example an identical keyboard with a built-in keystroke logger or with the ability to send keystrokes remotely to control the host machine.

There are many software solutions on the market that attempt to address the trusting nature of the USB protocol by monitoring the unique device identity information. These solutions can prevent new devices from being plugged in, but they cannot prevent devices from being replaced by devices that report the same unique identity information. These software solutions all rely on the devices plugged into a host to report themselves correctly, and they trust that the unique identity information has not been altered or falsified.

The drawback to these existing software solutions is that they rely upon the inherent trust placed on any given device. An attacker could abuse this trust by creating a device that spoofs the identity information of a trusted device. An additional solution is required to prevent this form of attack.
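The gap described above, as an added example that is not part of the disclosure: an identity-only allowlist accepts a substituted device that reports the enrolled identity, while a check that also compares an analog fingerprint against the stored baseline rejects it. The feature names, the sample values, the 4-sigma threshold and the function names are all assumptions; the disclosure does not say which signal properties are measured or how they are compared.

```python
import statistics

# Assumed analog features (rise time, high-level voltage, bit-period jitter).
FEATURES = ("rise_ns", "vhigh_v", "jitter_ps")

def enroll(captures):
    """Build a baseline fingerprint: (mean, stdev) per feature over repeated captures."""
    baseline = {}
    for name in FEATURES:
        values = [c[name] for c in captures]
        # Floor the spread so a very stable feature cannot make every
        # later reading look anomalous.
        baseline[name] = (statistics.mean(values), max(statistics.stdev(values), 1e-3))
    return baseline

def distance(baseline, capture):
    """Largest per-feature deviation from the baseline, in standard deviations."""
    return max(abs(capture[n] - baseline[n][0]) / baseline[n][1] for n in FEATURES)

def identity_only_admit(store, identity):
    """What the existing software solutions do: trust the reported identity."""
    return identity in store

def admit(store, identity, capture, threshold=4.0):
    """Reported identity must be enrolled AND the capture must match its fingerprint."""
    baseline = store.get(identity)
    if baseline is None:
        return False, "unknown identity"
    d = distance(baseline, capture)
    if d > threshold:
        return False, f"fingerprint mismatch ({d:.1f} sigma)"
    return True, "match"

# Constructed sample data: identity as reported by the device itself.
KEYBOARD_ID = ("vid-placeholder", "pid-placeholder", "serial-placeholder")
ENROLL_CAPTURES = [
    {"rise_ns": 4.10, "vhigh_v": 3.31, "jitter_ps": 82.0},
    {"rise_ns": 4.14, "vhigh_v": 3.30, "jitter_ps": 85.0},
    {"rise_ns": 4.08, "vhigh_v": 3.32, "jitter_ps": 80.0},
    {"rise_ns": 4.12, "vhigh_v": 3.31, "jitter_ps": 83.0},
]
STORE = {KEYBOARD_ID: enroll(ENROLL_CAPTURES)}

# Same physical keyboard plugged in again (constructed).
GENUINE_REPLUG = {"rise_ns": 4.13, "vhigh_v": 3.305, "jitter_ps": 84.0}
# Different hardware reporting the same identity (constructed).
SUBSTITUTE = {"rise_ns": 4.60, "vhigh_v": 3.26, "jitter_ps": 120.0}

if __name__ == "__main__":
    print("identity only:", identity_only_admit(STORE, KEYBOARD_ID))
    print("genuine:", admit(STORE, KEYBOARD_ID, GENUINE_REPLUG))
    print("substitute:", admit(STORE, KEYBOARD_ID, SUBSTITUTE))
```

In practice the threshold has to be calibrated against the capture hardware's own measurement noise, since a baseline built from only a few captures underestimates normal variation.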

Digital signals are easy to reproduce; however, the analog properties of those signals are unique and hard to reproduce. Using this system, it should be po...