Preventing malicious attacks launched from or involving usb devices
US9785771B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 13, 2015 |
| Grant date | Oct 10, 2017 |
| Priority date | — |
| Expiry date | Jan 20, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Approaches for protecting a computing device against malicious code using an attack vector involving a USB device. A computing device prevents a USB device from communicating operational input to the computing device using a USB port residing on or coupled to the computing device unless consent data is stored on the computing device. Consent data is data that affirms consent provided by a user of the computing device to allow the USB device to communicate with the computing device using the USB port. Note that the lack of consent data stored on the computing device does not prohibit the USB device from identifying itself to the computing device. In this way, if the USB device comprises malicious code or has been designed in a malicious manner, the USB device will be unable to submit operational input to the computing device without the consent of the user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.