MAGNETO: Fingerprinting USB Flash Drives via Unintentional Magnetic Emissions
Universal Serial Bus (USB) Flash Drives are nowadays one of the most convenient and diffused means to transfer files, especially when no Internet connection is available. However, USB flash drives are also one of the most common attack vectors used to gain unauthorized access to host devices. For instance, it is possible to tamper with or replace a USB drive so that when the USB key is connected, it would install passwords stealing tools, root-kit software, and other disrupting malware. In such a way, an attacker can steal sensitive information via the USB-connected devices, as well as inject any kind of malicious software into the host. To face the above-cited raising threats, we propose MAGNETO, an efficient, non-interactive, and privacy-preserving framework to verify the authenticity of a USB flash drive, rooted in the analysis of its unintentional magnetic emissions. We show that the magnetic emissions radiated during boot operations on a specific host are unique for each device, and sufficient to uniquely fingerprint either the brand and the model of the USB flash drive, or the specific USB device, depending on the used equipment. Our investigation on 23 different USB flash drives, including the top brands purchased on Amazon in mid-2019, reveals a minimum classification accuracy of 97.5 positives, accompanied by a negligible time and computational overhead. Overall, MAGNETO proves that unintentional magnetic emissions can be considered as a viable and reliable mean to fingerprint read-only USB flash drives.
READ FULL TEXT