Affiliations: Sezione di Informatica e Automazione, Dipartimento di Ingegneria, Università degli Studi Roma Tre, Via della Vasca Navale 79, 00146 Roma, Italy
Note: [1] A preliminary version of the results shown in this paper was published in (In Privacy, Security and Trust (PST), 2016 14th Annual Conference on (2016) 493–496 IEEE; In Privacy, Security and Trust (PST), 2016 14th Annual Conference on (2016) 477–484 IEEE). A short summary of part of this work was published in (International Journal of Critical Infrastructures 13(2–3) (2017) 206–237).
Abstract: Industrial Control Systems (ICS) are sensible targets for high profile attackers and advanced persistent threats, which are known to exploit USB thumb drives as an effective spreading vector. In ICSes, thumb drives are widely used to transfer files among disconnected systems and represent a serious security risks, since, they may be promiscuously used in both critical and regular systems. The threats come both from malware hidden in files stored in the thumb drives and from BadUSB attacks. BadUSB leverages the modification of firmware of USB devices in order to mimic the behaviour of a keyboard and send malicious commands to the host. We present a solution that allows a promiscuous use of USB thumbs drives while protecting critical machines from malware, that spreads by regular file infection or by firmware infection. The main component of the architecture we propose is an hardware, called USBCaptchaIn, intended to be in the middle between critical machines and connected USB devices. We do not require users to change the way they use thumb drives. To avoid human-errors, we do not require users to take any decision. The proposed approach is highly compatible with already deployed products of a ICS environment and proactively blocks malware before they reach their targets. We describe our solution, provide a thorough analysis of the security of our approach in the ICS context, and report the informal feedback of some experts regarding our first prototypes.
Keywords: Industrial control system (ICS), BadUSB attack, defence against USB-based attacks, hardware-based protection, authenticated data structure, data integrity protection, USB-based attack prevention
