Portable storage devices such as USB flash drives have become virtually ubiquitous in daily life. They are as useful to students in college as to a soldier transferring data in a combat theater. However, the security risks posed by using these devices are all too real: after malicious code on a flash drive infected operational networks, allowing a mass exfiltration of classified data subsequently posted to Wikileaks, the Department of Defense banned these devices. The security vulnerabilities exposed by these events are of concern far beyond the military and extend to any user of portable storage. While numerous attempts have been made to secure hosts from malicious devices, very little research has considered the symmetrical problem of ensuring the protection of sensitive data from potentially compromised hosts, nor the security of the USB bus itself.
This project examines the factors contributing to the vulnerability of portable storage devices and consider a new framework for modeling and evaluating the security of these devices. We will consider the security of the storage devices themselves, the hosts they attach to, and the USB interface that transports the data. We consider methods of monitoring the integrity of attached hosts, and examine how to establish and manage host identity. We propose applications based on these devices, such as maintaining provenance and forensic information on stored data, and new frameworks supporting information flow for further enforcing finer-grained access protections. Such advances will ensure that flash drives and hosts they attach to remain safe and secure.
