IMPLEMENTATION AND PREVENTION OF ADVANCED USB ATTACKS (Network Security)

Removable media is a well known source of malware infections and has been directly tied to the loss of sensitive information in many organizations. Manufacturing and functional integration of electronic devices continue to pose new concerns in protecting the digital environment. Administrators should so be aware that many other products exist on the market that easily serves covert purposes like

1. Network Hijacking: Finding the Open Ports, Network vulnerabilities and sending the data over network.
2. Data Theft using Exfiltration: Unauthorized copying, transfer or retrieval of data from a computer or server.
3. Remote Shell Access: Creating backdoors that can give complete shell access to the remote machine.
4. Keystroke Injection: Hooking to the keyboard, logging keystrokes and pasting into the Web server.
5. WiFi Password Grabber: Our objective is to grab the WiFi passwords so that using the credentials we can enter the intended network.

This project is a holistic approach for presenting above attacks using advanced USB devices and defending Mechanisms. It also provides a characterization of the threat, recommendations for minimizing risks and an update on products currently available which have security implications. An application on the defense mechanism will be developed which restricts the execution of external device (USB) and alerts the user about the threat.