[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"doc-detail-32032":3,"doc-seo-32032":28},{"code":4,"msg":5,"data":6},0,"success",{"doc_id":7,"user_id":8,"nickname":9,"user_avatar":10,"doc_module":4,"category_id":11,"category_name":12,"doc_title":13,"doc_description":14,"file_id":15,"file_url":16,"file_type":17,"file_size":18,"view_count":19,"is_deleted":4,"is_public":20,"is_downloadable":20,"audit_status":20,"page_count":21,"language":22,"language_code":23,"table_of_contents":24,"faqs":25,"seo_title":13,"seo_description":14,"update_tm":26,"read_time":27},32032,962075006959,"Anda","https://ap-avatar.wpscdn.com/avatar/e0002397efbe92a78e?_k=1776741047341049297",8,"Research & Report","Defending Against Malicious USB Firmware with GoodUSB","USB attacks increasingly target the USB stack itself by embedding malicious code in device firmware, enabling covert requests for extra interfaces and functionality beyond the device’s apparent purpose. This behavior underlies attacks like BadUSB, where a storage device can impersonate a keyboard and inject scripts into the host. The work identifies unrestricted device privileges during USB enumeration as a root cause and proposes GoodUSB, a Linux mediation architecture that enforces permissions from user expectations while adding a security-image workflow and honeypot visibility with low performance overhead.","cbCaicdZgAkdtsIt","https://ap.wps.com/l/cbCaicdZgAkdtsIt","pdf",271417,2,1,10,"English","en","# Introduction\n## USB risks and BadUSB overview\n## Root cause: enumeration access control\n# GoodUSB approach\n## Permission mediation based on user expectations\n## Security image administration\n## USB honeypot for suspicious activity\n# Results and contributions","[{\"question\":\"What enables BadUSB-style attacks at a fundamental level?\",\"answer\":\"The USB protocol’s enumeration phase lacks adequate access control, allowing devices to request unrestricted interface and driver access on behalf of the host.\"},{\"question\":\"How does GoodUSB prevent a malicious USB device from gaining unintended capabilities?\",\"answer\":\"GoodUSB mediates the Linux USB stack and enforces permissions by comparing requested device features against what the end user expects the device to be.\"},{\"question\":\"What additional mechanisms does GoodUSB include beyond permission enforcement?\",\"answer\":\"GoodUSB provides a security-image component to simplify device administration and a honeypot mechanism to observe and profile suspicious USB activities.\"}]",1780693271,25,{"code":4,"msg":29,"data":30},"ok",{"site_id":31,"language":23,"slug":32,"title":13,"keywords":33,"description":14,"schema_data":34,"social_meta":85,"head_meta":87,"extra_data":89,"updated_unix":26},105,"defending-against-malicious-usb-firmware-with-goodusb","",{"@graph":35,"@context":84},[36,52,67],{"@type":37,"itemListElement":38},"BreadcrumbList",[39,43,46,49],{"item":40,"name":41,"@type":42,"position":20},"https://docshare.wps.com","Home","ListItem",{"item":44,"name":45,"@type":42,"position":19},"https://docshare.wps.com/document/","Document",{"item":47,"name":12,"@type":42,"position":48},"https://docshare.wps.com/document/research-report/",3,{"item":50,"name":13,"@type":42,"position":51},"https://docshare.wps.com/document/defending-against-malicious-usb-firmware-with-goodusb/32032/",4,{"url":50,"name":13,"@type":53,"author":54,"headline":13,"publisher":56,"fileFormat":59,"description":14,"dateModified":60,"datePublished":61,"encodingFormat":59,"isAccessibleForFree":62,"interactionStatistic":63},"DigitalDocument",{"name":9,"@type":55},"Person",{"url":40,"name":57,"@type":58},"DocShare","Organization","application/pdf","2026-06-12","2026-06-05",true,{"@type":64,"interactionType":65,"userInteractionCount":19},"InteractionCounter",{"@type":66},"ViewAction",{"@type":68,"mainEntity":69},"FAQPage",[70,76,80],{"name":71,"@type":72,"acceptedAnswer":73},"What enables BadUSB-style attacks at a fundamental level?","Question",{"text":74,"@type":75},"The USB protocol’s enumeration phase lacks adequate access control, allowing devices to request unrestricted interface and driver access on behalf of the host.","Answer",{"name":77,"@type":72,"acceptedAnswer":78},"How does GoodUSB prevent a malicious USB device from gaining unintended capabilities?",{"text":79,"@type":75},"GoodUSB mediates the Linux USB stack and enforces permissions by comparing requested device features against what the end user expects the device to be.",{"name":81,"@type":72,"acceptedAnswer":82},"What additional mechanisms does GoodUSB include beyond permission enforcement?",{"text":83,"@type":75},"GoodUSB provides a security-image component to simplify device administration and a honeypot mechanism to observe and profile suspicious USB activities.","https://schema.org",{"og:url":50,"og:type":86,"og:title":13,"og:site_name":57,"og:description":14},"article",{"robots":88,"canonical":50},"index,follow",{"doc_id":7,"site_id":31}]