ABSTRACT

Modern peripherals devices such as USB keyboards and drives, Bluetooth speakers and headsets, complement users' computer systems with rich functionality and have become an integral part of daily life. While peripheral devices offer a "Plug'n'Play" solution to ease their usage in different scenarios, attacks from these devices are increasing due to their "Trust-by-default" treatment and direct interactions with the low-level parts of the target machines (e.g., operating systems). For instance, a USB drive found in the parking lot could take complete control of an industrial control system once plugged, while a Bluetooth speaker could intercept all the network traffic of a user's laptop once connected. This work aims to systematically improve peripheral security by discovering and reducing vulnerabilities that could enable peripheral attacks ahead of time, detecting malicious tampering within peripheral devices once connected, and responding to peripheral attacks timely with assurance.

This project seeks to address the broad research challenge of enabling a trustworthy and formally-verified peripheral ecosystem and designing next-gen secure peripheral devices and operating systems. Rather than targeting a specific peripheral attack, this project focuses on developing a model-guided and holistic approach for peripheral security in general, including both USB and Bluetooth, leveraging ?models? extracted from peripheral specifications and stack implementations as key prior knowledge, and covering the whole life cycle of peripheral security, including pre-attack, runtime, and post-attack stages. As such, model-guided fuzzing, debloating, and formal verification reduces the attack surface exposed to peripheral devices; model-based firmware analysis, fingerprinting, and authentication enables runtime integrity of peripheral devices; model-guided provenance, patching, and formal implementation allows for immediate and assured responding actions against peripheral attacks. This project will assess all these considerations within a combination of real-world applications (e.g., Android USB security) and specification enhancements (e.g., Bluetooth security and privacy), and generalize the knowledge for securing both peripheral devices and host machines across hardware, firmware, and software stacks.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Please report errors in award information by writing to: awardsearch@nsf.gov.