Vulnerability analysis of secure USB: based on the fingerprint authentication of product B
Pages 167 - 169
Abstract
In order to improve the security of data stored in the USB memory, a secure USB has appeared on the consumer market. The secure USB protects data stored into the device by user authentication, data encryption, and access control. However, in several products, there is a problem in that the data can be stolen due to authentication bypass or key exposure. To solve this problem, a method for enhancing user authentication has been studied, and product B, which typically provides user authentication with biometric authentication, has emerged. In this paper, we analyze the vulnerability of product B that provides a biometric authentication, and we verified the possibility of bypassing the authentication and the incident of potential stealing of the data. Consequently, we consider that it will be possible to develop a more secure USB product based on counteracting analyzed vulnerability as described in this paper.
References
[1]
Sun-Ho Lee, Jin Kwak, and Im-Yeong Lee. 2009. The study on the security solutions of USB memory. In Proceedings of the IEEE International Conference on Ubiquitous Information Technologies & Applications (ICUT). IEEE, Fukuoka, Japan, 1--4.
[2]
Sun-Ho Lee, Kang-Bin Yim, and Im-Yeong Lee. 2010. A secure solution for USB flash drives using FAT file system structure. In Proceedings of the IEEE International Conference on Network-Based Information Systems (NBiS). IEEE, Gifu, Japan, 487--492.
[3]
A. N. Magdum and Y. M. Patil. 2017. A Secure Data Transfer Algorithm for USB Mass Storage Devices to Protect Documents. In International Journal of Emerging Engineering Research and Technology (IJEERT), 2 (Jul. 2017), 113--119.
[4]
Insu Oh, Yeunsu Lee, Hyeji Lee, Kyungroul Lee, and Kangbin Yim. 2017. Study on Secure USB Mechanism without Exposure of the Authentication Information. In Proceedings of the International Symposium on Mobile Internet Security (MobiSec), Jeju, Republic of Korea.
[5]
Kyungroul Lee, Kangbin Yim, and Eugene H. Spafford. 2012. Reverse-safe authentication protocol for secure USB memories, Journal of Security and Communication Networks (SCN), 5 (Aug. 2012), 834--845.
[6]
Kyungroul Lee, Hyeungjun Yeuk, Youngtae Choi, Sitha Pho, Ilsun You, and Kangbin Yim. 2010. Safe Authentication Protocol for Secure USB Memories. In Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Applications (JoWUA), 1 (Jun. 2010), 46--55.
[7]
Jewan Bang, Byeongyeong Yoo, and Sangjin Lee. 2010. Secure USB bypassing tool. In Journal of the Digital Investigation, 7 (Aug. 2010), S114--S120.
[8]
Hanjae Jeong, Younsung Choi, Woongryel Jeon, Fei Yang, Yunho Lee, Seungjoo Kim, and Dongho Won. 2007. Vulnerability analysis of secure USB flash drives. In Proceedings of the IEEE International Workshop on Memory Technology, Design and Testing (MTDT), IEEE, Taipei, Taiwan, 61--64.
[9]
Jaein Kim, Youngjun Lee, Kyungroul Lee, Taeyoung Jung, Dmitry Volokhov, and Kangbin Yim. 2013. Vulnerability to Flash Controller for Secure USB Drives, Journal of Internet Services and Information Security (JISIS), 3 (Nov. 2013), 136--145.
[10]
Keun-Gi Lee, Hye-Won Lee, Chang-Wook Park, Je-Wan Bang, Kwon-youp Kim, and Sangjin Lee. 2008. "USB PassOn: Secure USB Thumb Drive Forensic Toolkit. In Proceedings of the International Conference on Future Generation Communication and Networking (FGCN), SERSC, Jeju, Korea, 279--282.
[11]
Myoung Su Kim, Kyungroul Lee, and Kangbin Yim. 2017. Vulnerability Analysis of Secure Disk: Based on Backup feature of Product A. In Proceedings of the International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), Barcelona, Spain, 386--391.
[12]
Grand Joe. 2000. Attacks on and countermeasures for usb hardware token devices. In Proceedings of the Nordic Workshop on Secure IT Systems (NordSec), Reykjavik, Iceland, 35--57.
[13]
Larry Hamid. 2015. Biometric technology: not a password replacement, but a complement. Journal of the Biometric Technology Today, 2015 (Jun. 2015), 7--10.
Index Terms
- Vulnerability analysis of secure USB: based on the fingerprint authentication of product B
Recommendations
Comprehensive and Improved Secure Biometric System Using Homomorphic Encryption
Revised Selected Papers of the 10th International Workshop on Data Privacy Management, and Security Assurance - Volume 9481With the widespread development of biometric systems, concerns about security and privacy are increasing. An active area of research is template protection technology, which aims to protect registered biometric data. We focus on a homomorphic encryption ...
Supporting automated vulnerability analysis using formalized vulnerability signatures
ASE '12: Proceedings of the 27th IEEE/ACM International Conference on Automated Software EngineeringAdopting publicly accessible platforms such as cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications on ...
Security analysis and enhancements of a multi-factor biometric authentication scheme
The security of authentication scheme, especially multi-factor biometric authentication scheme based on password, smart card, and biometric in wireless communication is an important and significant issue that researchers have been focusing on lately. ...
Comments
Information & Contributors
Information
Published In
October 2018
355 pages
ISBN:9781450358859
DOI:10.1145/3264746
- Conference Chair:
- Chih-Cheng Hung,
- General Chair:
- Lamjed Ben Said
Copyright © 2018 Owner/Author.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
In-Cooperation
- KISM: Korean Institute of Smart Media
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 09 October 2018
Check for updates
Author Tags
Qualifiers
- Poster
Funding Sources
- Korea government (MSIT)
- Ministry of Education
Conference
RACS '18
Sponsor:
RACS '18: International Conference on Research in Adaptive and Convergent Systems
October 9 - 12, 2018
Hawaii, Honolulu
Acceptance Rates
Overall Acceptance Rate 393 of 1,581 submissions, 25%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 90Total Downloads
- Downloads (Last 12 months)11
- Downloads (Last 6 weeks)0
Reflects downloads up to 08 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in