Defending against malicious peripherals with Cinch

Sebastian Angel, Riad S. Wahby, Max Howald, Joshua B. Leners, Michael Spilo, Zhen Sun, Andrew J. Blumberg, Michael Walfish

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Malicious peripherals designed to attack their host computers are a growing problem. Inexpensive and powerful peripherals that attach to plug-and-play buses have made such attacks easy to mount. Making matters worse, commodity operating systems lack coherent defenses, and users are often unaware of the scope of the problem. We present Cinch, a pragmatic response to this threat. Cinch uses virtualization to attach peripheral devices to a logically separate, untrusted machine, and includes an interposition layer between the untrusted machine and the protected one. This layer regulates interaction with devices according to user-configured policies. Cinch integrates with existing OSes, enforces policies that thwart real-world attacks, and has low overhead.

Original languageEnglish (US)
Title of host publicationProceedings of the 25th USENIX Security Symposium
PublisherUSENIX Association
Pages397-414
Number of pages18
ISBN (Electronic)9781931971324
StatePublished - Jan 1 2016
Event25th USENIX Security Symposium - Austin, United States
Duration: Aug 10 2016Aug 12 2016

Publication series

NameProceedings of the 25th USENIX Security Symposium

Conference

Conference25th USENIX Security Symposium
CountryUnited States
CityAustin
Period8/10/168/12/16

ASJC Scopus subject areas

  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Defending against malicious peripherals with Cinch'. Together they form a unique fingerprint.

  • Cite this

    Angel, S., Wahby, R. S., Howald, M., Leners, J. B., Spilo, M., Sun, Z., Blumberg, A. J., & Walfish, M. (2016). Defending against malicious peripherals with Cinch. In Proceedings of the 25th USENIX Security Symposium (pp. 397-414). (Proceedings of the 25th USENIX Security Symposium). USENIX Association.