Threat and Vulnerability Modelling of Malicious Human Interface Devices

Mathew Nıcho; Ibrahim Sabry

doi:10.55549/epstem.1225679

Authors

Mathew Nıcho Author
Ibrahim Sabry Author

DOI:

https://doi.org/10.55549/epstem.1225679

Keywords:

Human interface device (HID), Malicious HID, HID threats, HID vulnerabilities.

Abstract

The threats posed by malicious Human Interface Devices (HID) have greater potential for harmowing to the inherent trust given to them by the respective Operating Systems (OS). While HIDs vary in termsof hardware and software, the OS detects them as genuine, providing access to the malicious HID to performand execute privileged actions as if it came from a genuine user. Since the threat can bypass normal securitycontrols, it poses a significant challenge to security managers. While the insider (both unintentional andmalicious) threat level posed by the malicious HIDs is high, research in the domain of mapping HIDs to HIDattack vectors and the exploited vulnerabilities is scarce, which is evident from the paucity of research outputs ina Google Scholar search. Accordingly, the objective of this research is to create a model that maps HIDs tovulnerability categories aligned to attacks. In this connection, the paper proposes an HID Threat Vulnerabilitymodel (HidTV) that identifies the malicious HID types and evaluates the nature of HID related threats and thecorresponding vulnerabilities that are exploited. The resulting model can provide security managers with avisibility of critical vulnerabilities, map specific HIDs to threats and vulnerabilities and formulate securitypolicies to defend and mitigate against these threats. From an academic perspective, the paper provides afoundation for researchers to evaluate and propose detective and mitigation strategies for specific attack paths.While there are genuine uses for HIDs, this paper focuses on the ways they can be intentionally exploited formalicious purposes.