Abstract
The current Internet threat environment is characterized by an increase in data theft, data leakage, and the creation of targeted, malicious code for the purpose of stealing confidential information that can be used for financial gain. This paper focuses on protecting sensitive files from getting accidently leaked out of a system through unauthorized USB devices. We propose a hardware architecture guaranteeing USB-based data leakage prevention. The prototype board connected to a USB host system intercepts and analyzes USB data transferred to a USB device. This approach provides flexible security enforcement policies including alerting and real-time blocking.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Anderson, D., Dzatko, D.: Universal Serial Bus System Architecture, 2nd edn. Addison-Wesley, Reading (2001)
Maier, G.M.: Hardware Pattern Matching for Network Traffic Analysis in Gigabit Environments. Diplomarbeit in Informatik, Technische Universität Munchen (May 2007)
Jacoby, G.A., Mosly, S.: Mobile Secuirty Using Separated Deep Packet Inspection. In: IEEE CCNC (2008)
song, H., Dharmapurikar, S., Turner, J., Lockwood, J.: Fast Hash Table Lookup Using Extended Bloom Filter: An Aid to Network Processing. In: SIGCOMM (August 2005)
IDC, Information Protection and Control Survey: Data Loss Prevention and Encryption Trends, Doc #211109 (March 2008)
SOPHOS, White Paper Stopping data leakage: Exploiting your existing security investment (June 2008)
XILINX Inc., Virtext-5 FPGA User Guide (March 2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kang, D., Jung, B., Kim, K. (2009). Hardware Based Data Inspection for USB Data Leakage Prevention. In: Ślęzak, D., Kim, Th., Fang, WC., Arnett, K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10847-1_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-10847-1_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10846-4
Online ISBN: 978-3-642-10847-1
eBook Packages: Computer ScienceComputer Science (R0)