Enhancing USB security: a multi-layered framework for detecting vulnerabilities and mitigating BadUSB attacks
Date
2025-10
Journal Title
Journal ISSN
Volume Title
Publisher
BRAC University
Abstract
Universal Serial Bus (USB) devices are an inseparable part of modern computing and
they are also a considerable cybersecurity threat. Malicious hardware like BadUSBs,
Keyloggers and other peripherals that have been reprogrammed can pose as legitimate
devices, execute commands that are not authorized and steal confidential data
without the user’s knowledge. This study introduces a detailed software-based system
that attempts to identify and prevent malicious USB actions by employing a
multi-layered security system. The proposed system incorporates USB metadata
validation system, behavioral tracking, anomaly detection and user-verification to
offer high protection without affecting usability. The framework is deployed by
the device connection and it temporarily isolates the device as it tries to verify
the authenticity of the device by analysing power consumption, keystroke timing,
CAPTCHA and mouse hover-based user authentication. In its simplest form, a
machine-learning model trained on real and GAN-enhanced data would allow the
process of adaptive threat detection that can detect changing attack patterns with
high accuracy. Experimental tests prove that the system attains high detection effectiveness
and a very low false-positive level, which effectively eliminates the risks
of malicious USB devices. This product fills a severe gap in endpoint protection
by providing a practical, smart and user-friendly solution to protect personal and
enterprise space against the emerging threat of USB-based attacks.
Description
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 102-104).
This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science and Engineering, 2025.
Includes bibliographical references (pages 102-104).
This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science and Engineering, 2025.
Keywords
USB devices, BadUSB attack, Anomaly detection, Device fingerprinting, Adaptive learning, Forensic analysis, USB metadata validation system, Behavioral tracking, User verification, Cyber threats, Data protection
