Abstract: Computer systems may store temporarily or permanently vital information to individuals or organizations, so, it can be subjected to different types of attacks. Attackers can exploit existing vulnerabilities to reach and extract targeted information via. one of the attack points represented by the Input/Output (I/O) ports, such as the Universal Serial Bus (USB). This study proposes a security solution to thwart malicious I/O devices from launching I/O attacks against the computer using hardware/software system called Input/Output Port Blocker (IOPB) that is based on a two-factor user authentication technique. The main idea of protecting the computer system from I/O attacks is to add a security layer to isolate the I/O ports from the computer system. In this layer, the required security policy can be applied using different security controls such as user authentication, access control, anti-malware and encryption. This research applies to all I/O ports but as a case study, protecting computers from I/O attacks arising from the USB ports are considered. It also describes the proposed IOPB system design and provides a detailed implementation using C# programming language, Raspberry Pi3 Model B, a relay switch and fingerprint reader U.are.U 4500. Finally, it studies the effect of activating the IOPB on data transmission speed between the USB-based storage device and host considering image, voice and video. The obtained results from the transmission of multimedia to the computer system show that the effect of adding the IOPB increases the delay approximately by 2.5, 2 and 3.5%, respectively. This effect can be considered negligible and has no significant effect on the system performance compared to the protection offered by the IOPB.
Marwah Q. Abbas and Alaa M. Abdul-Hadi, 2019. Design and Implementation of Input/Output Port Blocker System to Thwart Input/Output Attacks. Journal of Engineering and Applied Sciences, 14: 7098-7104.