The Human Interface Device Attack Vector: Research and Development

DerbyCon V - Unity

Presented by: Alexander Livingston Segal
Date: Saturday September 26, 2015
Time: 14:00 - 14:25
Location: Track 5
Track: Stable Talks

In recent years, remote exploitation and usb auto-run have become less reliable methods of gaining a foothold inside a target organization. However, blended “cyber-physical” social engineering attacks have shown high rates of success and low rates of detection. The malicious emulation of human interaction will continue to remain a powerful technique in the offensive arsenal for as long as humans need to interface with computers. This talk discusses the Human Interface Device Attack Vector and the design and creation of trojan usb and bluetooth mice and keyboards, which can be employed effectively by anyone who can gain physical access or able to deceive someone who has the required access, such as second-story men, disgruntled employees or social engineers.

Alexander Livingston Segal


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats