Team May07-10

April 24, 2007

IntroductionProject Team Information Team Members

Jason ErbskornTim PolehnaAaron SartorAaron ThoemingJared Wachter

AdvisorDr. Thomas Daniels

ClientsDr. John W. LamontRalph Patterson III

IntroductionPresentation Outline Introduction

Jason Erbskorn

Design Overview Jared Watcher

Project Activities Aaron Thoeming Tim Polehna Aaron Sartor

Resources and Schedules Aaron Sartor

Closing Materials Jason Erbskorn

IntroductionWhat Are We Designing?

+ USB Flash Drive Transparent Anti-Virus

IntroductionSelected Definitions Foreign computer – A computing machine

that the user does not own and of which the security status is unknown

Home computer – A computing machine that the user owns, operates, and of which the security status is generally known

Project OverviewProject Requirements USB storage device Upgradeable firmware Block viral transmissions to the host

computer Protect system software integrity Inform the user of malicious attacks

Project Overview Operating Environment Indoor environment 0ºC to 70ºC ambient temperature 10% to 90% relative humidity

Project Overview Intended Users Own a personal computer Want to use a portable USB storage

device on foreign computers Desire to keep home computers

and/or network virus free

Project Overview Assumptions Home computer

Available USB 1.1/2.0 port Microsoft Windows 2000/XPUSB Portable Firewall utility installed

Foreign computerAvailable USB 1.1/2.0 port

Project Overview Limitations Virus detection

Cannot detect all malicious attacks USB 1.1 protocol

12Mb/s data rate2.5W max power drawDevice interface to host

Budget $150 maximum plus donations

Project Overview Design Constraints Device software

Linux 2.6.20Clam Antivirus 0.90.2GNUPG 1.4.7

GUI host softwareWindows 2000/XP.NET 2.0 Framework

Gumstix USB powered hardware Size of flash memory MP3 player 1GB flash memory storage

Project Overview Primary Deliverable USB Portable Firewall Overall System

Project Overview Other Deliverables Software Utility

Updates device firmware imageInformation on malicious attack prevention

DocumentationProject planEnd-product design reportProject posterFinal reportUser ManualWebsite

Project ActivitiesPresent Accomplishments Completed

Project documentationHardware assemblySoftware utilityBuild image

IncompleteScanning algorithmKernel integrationTesting

Project Activities Approaches Considered GUI Software Utility

C, C++, Java programming language

Scanning AlgorithmRead/Write, File Transfer Protocol

HardwareConnectCore 9U, TS-7400

Anti-virus SystemOpen Anti-Virus, Norton AV

Kernel IntegrationDirect placement into driver

Project ActivitiesMotherboard

400MHz Intel XScale PXA225 microprocessor 16MB onboard flash memory 64MB 100MHz onboard SDRAM Expansion board support RS-MMC flash media support 1W power requirement

Project Activities Expansion Boards

Implementation Type A male USB port USB 1.1 standard USB power delivery

Development RS-232 serial port Two expansion connectors DC power delivery

Project Activities Component Assembly

Project Activities Final Hardware Implementation

Project Activities Software Build Image Buildroot environment

Micro C library based system○ Stripped down to bare minimum

Designed for gumstix hardware

x86 ARM cross-compile toolchainLinux 2.6.20ClamAV 0.9.2GnuPG 1.4.7

Project Activities USB Communication PXA255 base driver USB Gadget layer

File Backed Storage

USB Mass Storage Class Native OS support

Driver Scanner /proc interface

Standard USB Storage

Driver

USB Host Interface

Windows OS

FAT32Storage

USB Device Interface

Storage Controller

USB Firewall Driver & Software

Host PC Storage Device

Any Host PC

USB Portable Firewall

Project Activities Start-Up Procedure Kernel loads Boot script executed

Device not available until script finishes

Software updates occur at boot time

Visual confirmation that device has finished booting

Start-Up

Does New File in Update Directory Exist?

Check update file signature

Is file signature valid?

Send USB Generic Storage Volume Control Message

Replace existing definitions with the

decrypted

Yes

No

Yes

No

Project Activities Scanning System - Transfer to Device Updates FAT indexing array for virus scanning System software inherently protected by Gadget API

LbaToCluster()

ClusterNum < RootDirNum

UpdateClusterArray()

MakeDirty()

No

Yes

USB Command Decoding

USBCommandProcessing

LBA#

Cluster#

Project Activities Scanning System - Transfer to Host Scan entire file before sending the pieces of it

Intercept file system requests to read blocks of data Report transfer error to host if virus found

LbaToCluster() IsDirty()

ScanFile() MarkClean()

SendTxFailure()GetFileInfo()

USB Command Decoding

USBCommandProcessing

LBA# Cluster#

Yes

No

FirstCluster#

Project Activities Functional Alerts Yellow LED – Transfer Activity Green LED – Device Ready

LED’s OFF

Startup

Green LED ON

Ready

Yellow LED Flash

Transferring

LED’s OFF

ShutdownMount

Transfer Command Received

Unmount

File Transfered

Project Activities Override System Red LED – Override Indicator Single switch logic

Enables/disables scanning system

Red LED Off

Red LED On

Switch OnSwitch Off

Project Activities GUI – Overview Designed in C# language

.NET Framework 2.0

Used on home computer Displays detected infected

files information Anti-virus definition updating

Project Activities GUI – Infected Files / Virus Information Reads from log file on device Infected file

Name SizeModification date

Virus informationName of virus Type of virusAction taken

Project Activities GUI – Device Updating User downloads new update image User specifies path of downloaded file Utility transfers file to device Device loads new software on next boot

Project Activities Verification and Validation Device performance

Board Power-On Self Test (POST)USB device-host connection testVirus detection testOverride function testFirmware update test

Faculty advisor test validation

Team Member Task Total

1 2 3 4 5 6 7 8

Jason Erbskorn 5 14 38 57 15 12 15 55 211

Tim Polehna 5 19 42 62 18 8 10 45 209

Aaron Sartor 5 9 31 55 17 15 14 57 203

Aaron Thoeming 6 13 29 42 23 23 12 48 196

Jared Wachter 6 13 39 61 17 14 12 42 204

Total 27 81 179 277 90 72 63 247 1023

Resources and Schedules

Personnel Hour Requirements

Resources and Schedules

Financial RequirementsItem W/O Labor With Labor

Parts & Materials

a. Basix 400xm Motherboard $130.00 $130.00

b. Serial Cable $12.00 $12.00

c. AC Power Adapter $10.00 $10.00

d. MMC RS 1GB Flash Card $60.00 $60.00

e. Project Poster & Printing Donated Donated

f. Thumbstix Base Board $28.00 $28.00

g. Tweener Board $20.00 $20.00

h. Screws and Spacers kit $4.00 $4.00

i. Miscellaneous Parts $20.00 $20.00

Subtotal $284.00 $284.00

Resources and Schedules

Financial Requirements (contd.)Service Usage & Work W/O Labor With Labor

a. Development PC usage Donated Donated

b. Poster and Reports $65.00 $65.00

Subtotal $65.00 $65.00

Labor at $15/Hour

a. Jason Erbskorn $0.00 $3,165.00

b. Tim Polehna $0.00 $3,135.00

c. Aaron Sartor $0.00 $3,045.00

d. Aaron Thoeming $0.00 $2,940.00

e. Jared Wachter $0.00 $3,060.00

Subtotal $0.00 $15,345.00

Total $349.00 $15,694.00

Resources and Schedules Schedule of Work

Resources and SchedulesDeliverables Schedule Final dates on tasks represent deliverable due dates

Closing MaterialsProject Evaluation

Project Aspect Rating

Project Definition 100%

Technology Research & Selection 100%

Hardware Design 100%

Build Image Design 100%

Scanning System Design 75%

GUI Utility Software Design 100%

Design Integration 33%

Verification & Validation 50%

Production Documentation 100%

Closing Materials Commercialization Demand for secure computing

U3 technology by Kingston and SanDisk

Current advantagesIndependence from host machine

Current shortcomingsNeeds major refinement to be market viable

○ Better appearance and portability○ More robust software and hardware

Needs cost reduction to compete in market

Closing Materials Additional Work Software

Write dedicated USB Gadget driverResearch more effective scanning methodBetter integration with ClamAV

HardwareLarger storage spaceMore attractive case designCustom hardware platformCheaper hardware components

Closing Materials Lessons Learned Project is very large in size

Requires stages for optimum completionGood research base provided by this project

Hardware solution was time consuming Cross compiling is very difficult Scanning during write is difficult Direct integration into Linux kernel difficult

Closing Materials Risk Management Anticipated Risks

Limited hardware development timeLack of open-source documentationMalfunction of software dependencies

Encountered RisksMajor problems during kernel integrationMultiple cross-compilation failuresUSB doesn’t write data blocks concurrently

Closing MaterialsClosing Summary Malicious software pervades computer networks Portable USB storage devices

Not immune to malicious software May contribute to spread of malicious software

USB Portable Firewall Contains 1GB portable flash storage Reduces transfer of malicious software Alerts the user of virus infection and transfer Comes with updatable software Powered by USB power on the host computer

Closing MaterialsQuestion and Answer