Document Type



Master of Science (MS)


Computer Engineering

First Advisor's Name

A. Selcuk Uluagac

First Advisor's Committee Title

Committee Chair

Second Advisor's Name

Kemal Akkaya

Second Advisor's Committee Title

Committee Member

Third Advisor's Name

Alexander Perez-Pons

Third Advisor's Committee Title

Committee Member

Fourth Advisor's Name

Michael Vai

Fourth Advisor's Committee Title

Committee Member


hardware security, machine learning, USB, intrusion detection

Date of Defense



Today, the USB protocol is among the most widely used protocols. However, the mass-proliferation of USB has led to a threat vector wherein USB devices are assumed innocent, leaving computers open to an attack. Malicious USB devices can disguise themselves as benign devices to insert malicious commands to connected end devices. A rogue device appears benign to the average OS, requiring advanced detection schemes to identify malicious devices. However, using system-level hooks, advanced threats may subvert OS-reliant detection schemes. This thesis showcases USB-Watch, a hardware-based USB threat detection framework. The hardware can collect live USB traffic before the data can be altered in a corrupted OS. Behavioral analysis of USB devices allows for a generalizable anomaly detection classifier in hardware that can detect abnormal behavior from USB devices. The framework tested achieves an ROC AUC of 0.99 against a testbed of live USB devices.





Rights Statement

Rights Statement

In Copyright. URI:
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).