文化大學機構典藏 CCUR:Item 987654321/39758
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 47121/50987 (92%)
Visitors : 13825989      Online Users : 306
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/39758


    Title: BadUSB攻擊分析與預防
    BadUSB attack and prevention analysis
    Authors: 侯皓薰
    Contributors: 資訊管理學系碩士在職專班
    Keywords: 攻擊
    預防
    安全性
    BadUSB
    attack
    prevention
    security
    Date: 2018
    Issue Date: 2018-05-03 10:41:55 (UTC+8)
    Abstract: 相較於傳統病毒攻擊模式,駭客可以利用BadUSB攻擊模擬成鍵盤和滑鼠之任何USB設備,利用BadUSB設備中的微處理器可動態傳送攻擊程式,從而完全控制主機,甚至連防毒軟體都會被關掉。因為BadUSB攻擊程式碼是隱藏在設備韌體裡,所以目前尚無防毒軟體可有效預防BadUSB攻擊。
    本研究先開發出BadUSB設備並在載有安裝防毒軟體的測試機器上模擬攻擊,開發階段以USB封包分析儀器分析最佳攻擊參數,本研究證明此攻擊可以關閉防毒軟體,了解攻擊方法後再研究預防的策略,先以USB設備的特徵碼作為檢核,再以USB層級的防火牆作為最後防線;USB層級的防火牆是透過Filter驅動程式即時分析USB封包,如果發現惡意攻擊將即時攔截惡意封包並停用BadUSB設備,本研究將成功阻擋BadUSB攻擊並且對使用者的打擾降至最低。
    Compared with the traditional virus attack mode, hackers can use BadUSB attack to simulate any USB device of keyboard and mouse, use the microprocessor of BadUSB device can transmit the attack program dynamically, and control the host completely, even the anti-virus software will be turned off. Because the BadUSB attack program code is hidden in the device firmware, there is no anti-virus software available to prevent BadUSB attacks.
    This research first develops the BadUSB equipment and simulates the attack on the test machine containing the anti-virus software installed. In the development phase, the best attack parameters are analyzed by USB packet analysis instrument. This research proves that this attack can turn off anti-virus software, understand the attack method. This thesis then studies the prevention strategy, taking the characteristic code of USB device as checking core, following by regarding the firewall at the USB level as the last line of defense. The USB-level firewall is through the filter driver real-time analysis of USB packets, if the discovery of malicious attacks will real-time intercept malicious packets and disable BadUSB devices.
    Appears in Collections:[Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML283View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback