Malboard: A novel user keystroke impersonation attack and trusted detection framework based on side-channel analysis

Nitzan Farhi, Nir Nissim, Yuval Elovici

Computers & Security 85, 240-269, 2019

Concealing malicious components within widely used USB peripherals has become a popular attack vector utilizing social engineering techniques and exploiting users’ trust in USB devices. This vector enables the attacker to easily penetrate an organization’s computers even when the target is secured or in an air-gapped network. Such malicious concealment can be done as part of a supply chain attack or during the device manufacturing process. In cases where the device allows the user to update its firmware, a supply chain attack may involve changing just the device’s firmware, thus compromising the device without the need for concealment. A compromised device can impersonate other devices like keyboards in order to send malicious keystrokes to the computer. However, the keystrokes generated maliciously do not match human keystroke characteristics, and therefore they can be easily detected by …