当前位置:
X-MOL 学术
›
ACM Trans. Embed. Comput. Syst.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
MAGNETO
ACM Transactions on Embedded Computing Systems ( IF 2.8 ) Pub Date : 2020-12-07 , DOI: 10.1145/3422308 Omar Adel Ibrahim 1 , Savio Sciancalepore 1 , Gabriele Oligeri 1 , Roberto Di Pietro 1
ACM Transactions on Embedded Computing Systems ( IF 2.8 ) Pub Date : 2020-12-07 , DOI: 10.1145/3422308 Omar Adel Ibrahim 1 , Savio Sciancalepore 1 , Gabriele Oligeri 1 , Roberto Di Pietro 1
Affiliation
Universal Serial Bus (USB) Flash Drives are nowadays one of the most convenient and diffused means to transfer files, especially when no Internet connection is available. However, USB flash drives are also one of the most common attack vectors used to gain unauthorized access to host devices. For instance, it is possible to replace a USB drive so that when the USB key is connected, it would install passwords stealing tools, root-kit software, and other disrupting malware. In such a way, an attacker can steal sensitive information via the USB-connected devices, as well as inject any kind of malicious software into the host. To thwart the above-cited raising threats, we propose MAGNETO, an efficient, non-interactive, and privacy-preserving framework to verify the authenticity of a USB flash drive, rooted in the analysis of its unintentional magnetic emissions. We show that the magnetic emissions radiated during boot operations on a specific host are unique for each device, and sufficient to uniquely fingerprint both the brand and the model of the USB flash drive, or the specific USB device, depending on the used equipment. Our investigation on 59 different USB flash drives—belonging to 17 brands, including the top brands purchased on Amazon in mid-2019—reveals a minimum classification accuracy of 98.2% in the identification of both brand and model, accompanied by a negligible time and computational overhead. MAGNETO can also identify the specific USB Flash drive, with a minimum classification accuracy of 91.2%. Overall, MAGNETO proves that unintentional magnetic emissions can be considered as a viable and reliable means to fingerprint read-only USB flash drives. Finally, future research directions in this domain are also discussed.
中文翻译:
万磁王
通用串行总线 (USB) 闪存驱动器是当今传输文件最方便和普及的方式之一,尤其是在没有 Internet 连接的情况下。但是,USB 闪存驱动器也是用于未经授权访问主机设备的最常见攻击媒介之一。例如,可以更换 USB 驱动器,以便在连接 USB 密钥时,它会安装密码窃取工具、root-kit 软件和其他破坏性恶意软件。通过这种方式,攻击者可以通过 USB 连接的设备窃取敏感信息,以及将任何类型的恶意软件注入主机。为了阻止上述威胁,我们提出了 MAGNETO,这是一种高效、非交互和隐私保护的框架,用于验证 USB 闪存驱动器的真实性,根植于对其无意磁发射的分析。我们表明,在特定主机上启动操作期间辐射的磁辐射对于每个设备都是独一无二的,并且足以根据使用的设备对 USB 闪存驱动器或特定 USB 设备的品牌和型号进行唯一指纹识别。我们对 59 个不同的 USB 闪存驱动器(属于 17 个品牌,包括 2019 年年中在亚马逊上购买的顶级品牌)的调查显示,品牌和型号识别的最低分类准确率为 98.2%,时间和计算量可以忽略不计高架。MAGNETO 还可以识别特定的 U 盘,最低分类准确率为 91.2%。全面的,MAGNETO 证明,无意的磁辐射可以被认为是对只读 USB 闪存驱动器进行指纹识别的可行且可靠的方法。最后,还讨论了该领域未来的研究方向。
更新日期:2020-12-07
中文翻译:
万磁王
通用串行总线 (USB) 闪存驱动器是当今传输文件最方便和普及的方式之一,尤其是在没有 Internet 连接的情况下。但是,USB 闪存驱动器也是用于未经授权访问主机设备的最常见攻击媒介之一。例如,可以更换 USB 驱动器,以便在连接 USB 密钥时,它会安装密码窃取工具、root-kit 软件和其他破坏性恶意软件。通过这种方式,攻击者可以通过 USB 连接的设备窃取敏感信息,以及将任何类型的恶意软件注入主机。为了阻止上述威胁,我们提出了 MAGNETO,这是一种高效、非交互和隐私保护的框架,用于验证 USB 闪存驱动器的真实性,根植于对其无意磁发射的分析。我们表明,在特定主机上启动操作期间辐射的磁辐射对于每个设备都是独一无二的,并且足以根据使用的设备对 USB 闪存驱动器或特定 USB 设备的品牌和型号进行唯一指纹识别。我们对 59 个不同的 USB 闪存驱动器(属于 17 个品牌,包括 2019 年年中在亚马逊上购买的顶级品牌)的调查显示,品牌和型号识别的最低分类准确率为 98.2%,时间和计算量可以忽略不计高架。MAGNETO 还可以识别特定的 U 盘,最低分类准确率为 91.2%。全面的,MAGNETO 证明,无意的磁辐射可以被认为是对只读 USB 闪存驱动器进行指纹识别的可行且可靠的方法。最后,还讨论了该领域未来的研究方向。
京公网安备 11010802027423号