Malware is often introduced via USB flash drives. But today this can be handled using anti-malware and endpoint security solutions.

Much more complicated is defending direct attacks on device drivers. An attacker could use modified malicious USB devices which exploit bugs within USB device drivers. Most often this happens underneath the radar of anti-malware solutions and might provide full access to the operating system because the device drivers operate in kernel space.

This attack does not require network connections and is therefore especially a threat for high security environments. The detection of such manipulated USB devices require most often manual work and the dissassembly of the device. The availability of devices supporting this attack enables not just secret services but anybody to mount such attacks.

The goal of the research project was the development of the virtual USB fuzzer (vUSBf). This framework may check device drivers systematically using fuzzing. This technology successfully detects vulnerabilities. To achieve this both the operating system and the USB devices are virtualized. The virtual environment increases the performance using parallel execution.