Abstract
A secure USB memory appears to store data safely, protect the data stored inside by the security features such as user authentication, data protection, and access control. However, there is a problem that the security of the data stored inside of a USB device can not actually be preserved on all levels due to several discovered vulnerabilities such as bypassing user authentication and exposing decryption keys. In this paper, we analyze categorized potential vulnerabilities that are possible to be connected to real attacks, based on a commercial product A. With the analysis result, we expect that the security mechanism to counteract the proven vulnerabilities can be developed and applied more safely to the commercial devices to protect the sensitive data stored on a secure USB device, a USB disk, or a hard disk.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Kyungroul, L., Kangbin, Y., Eugine, H.S.: Reverse-safe authentication protocol for secure USB memories. J. Secur. Commun. Netw. 5, 834–845 (2012)
Jaein, K., Youngjun, L., Kyungroul, L., Taeyoung, J., Dmitry, V., Kangbin, Y.: Vulnerability to flash controller for secure USB drives. J. Internet Serv. Inf. Secur. 3, 136–145 (2013)
Kyungroul, L., Hyeungjun, Y., Youngtae, C., Sitha, P., Ilsun, Y., Kangbin, Y.: Safe authentication protocol for secure USB memories. J. Wirel. Mob. Netw. Ubiquitous Comput. Dependable Appl. 1, 46–55 (2010)
MyoungSu, K., Kyungroul, L., Kangbin, Y.: Vulnerability analysis of secure disk: based on backup feature of product A. In: International Conference on Broadband and Wireless Computing, Communication and Applications, Barcelona, pp. 386–391 (2017)
Jewan, B., Byeongyeong, Y., Sangjin, L.: Secure USB bypassing tool. J. Digit. Invest. 7, S114–S120 (2010)
Joe, G.: Attacks on and countermeasures for USB hardware token devices. In: Proceedings of the 5th Nordic Workshop on Secure IT Systems, Reykjavik, pp. 35–57 (2000)
Hanjae, J., Younsung, C., Woongryel, J., Fei, Y., Yunho, L., Seungjoo, K., and Dongho, W.: Vulnerability analysis of secure USB flash drives. In: Proceedings of the 2007 IEEE International Workshop on Memory Technology, Design and Testing, Taipei, pp. 61–64 (2007)
Keun-Gi, L., Hye-Won, L., Chang-Wook, P., Je-Wan, B., Kwon-youp, K., Sangjin, L.: USB PassOn: secure USB thumb drive forensic toolkit. In: Proceedings of the 2nd International Conference on Future Generation Communication and Networking, Hainan Island, pp. 279–282 (2008)
Acknowledgments
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2018R1A4A1025632) and by the Basic Science Research Program through the National Research Foundation of Korea (NRF) that is funded by the Ministry of Education (NRF-2018R1D1A1B07047656).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Lee, K., Oh, I., Jang, W., Choi, C., Yim, K. (2019). Vulnerability Analysis on a Secure USB: Based on a Commercial Product A. In: Barolli, L., Leu, FY., Enokido, T., Chen, HC. (eds) Advances on Broadband and Wireless Computing, Communication and Applications. BWCCA 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-030-02613-4_44
Download citation
DOI: https://doi.org/10.1007/978-3-030-02613-4_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02612-7
Online ISBN: 978-3-030-02613-4
eBook Packages: EngineeringEngineering (R0)