{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:05:58Z","timestamp":1750309558171,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":81,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T00:00:00Z","timestamp":1745280000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/https:\/\/doi.org\/10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["491039149"],"award-info":[{"award-number":["491039149"]}],"id":[{"id":"10.13039\/https:\/\/doi.org\/10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,4,22]]},"DOI":"10.1145\/3696410.3714637","type":"proceedings-article","created":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T22:47:11Z","timestamp":1745362031000},"page":"1093-1104","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Peripheral Instinct: How External Devices Breach Browser Sandboxes"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-6891-965X","authenticated-orcid":false,"given":"Leon","family":"Trampert","sequence":"first","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-1201-0299","authenticated-orcid":false,"given":"Lorenz","family":"Hetterich","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-6684-2035","authenticated-orcid":false,"given":"Lukas","family":"Gerlach","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-0014-3144","authenticated-orcid":false,"given":"Mona","family":"Schappert","sequence":"additional","affiliation":[{"name":"Universit\u00e4t des Saarlandes, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2470-8444","authenticated-orcid":false,"given":"Christian","family":"Rossow","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Dortmund, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6744-3410","authenticated-orcid":false,"given":"Michael","family":"Schwarz","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,4,22]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Shubham Agarwal. 2022. Helping or Hindering? How Browser Extensions Undermine Security. In CCS.","DOI":"10.1145\/3548606.3560685"},{"key":"e_1_3_2_1_2_1","unstructured":"Apple. 2023a. Control access to input monitoring on Mac. https:\/\/support.apple.com\/guide\/mac-help\/control-access-to-input-monitoring-on-mac-mchl4cedafb6\/mac"},{"key":"e_1_3_2_1_3_1","unstructured":"Apple. 2023b. WebKit Standard Positions. https:\/\/webkit.org\/tracking-prevention\/#anti-fingerprinting"},{"key":"e_1_3_2_1_4_1","unstructured":"ArchWiki. 2023. udev. https:\/\/wiki.archlinux.org\/title\/udev"},{"key":"e_1_3_2_1_5_1","unstructured":"Jan Axelson. 2007. Serial Port Complete: The Developer's Guide. Lakeview Research LLC."},{"key":"e_1_3_2_1_6_1","unstructured":"Bastille Research. 2016. MouseJack. https:\/\/www.mousejack.com\/"},{"key":"e_1_3_2_1_7_1","unstructured":"blink(1). 2023. blink(1) - the USB RGB LED notification light. https:\/\/blink1.thingm.com\/"},{"key":"e_1_3_2_1_8_1","unstructured":"Dave Hodder. 2015. Open source firmware for the Launchpad Pro grid controller. https:\/\/github.com\/dvhdr\/launchpad-pro"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.05.008"},{"key":"e_1_3_2_1_10_1","unstructured":"Adrienne Porter Felt Elizabeth Ha Serge Egelman Ariel Haney Erika Chin and David Wagner. 2012. Android permissions: User attention comprehension and behavior. In SOUPS."},{"key":"e_1_3_2_1_11_1","unstructured":"Fibocom. 2013. AT Commands User Manual. https:\/\/web.archive.org\/web\/20240616014731\/https:\/\/www.maritex.com.pl\/product\/attachment\/40451\/15b4db6d1a10eada42700f7293353776"},{"key":"e_1_3_2_1_12_1","unstructured":"GamingOnLinux. 2023. Desktop Environment Trends. https:\/\/www.gamingonlinux.com\/users\/statistics\/#DesktopEnvironment-top"},{"key":"e_1_3_2_1_13_1","unstructured":"Globotron. 2023a. Armadillo Hardware Firewall USB 2.0. https:\/\/globotron.nz\/products\/armadillo-hardware-usb-firewall"},{"key":"e_1_3_2_1_14_1","unstructured":"Globotron. 2023b. USG v1.0 Hardware Firewall. https:\/\/globotron.nz\/products\/usg-v1-0-hardware-usb-firewall"},{"key":"e_1_3_2_1_15_1","unstructured":"Google Chrome Developers. 2019. Making user activation consistent across APIs. https:\/\/developer.chrome.com\/blog\/user-activation\/"},{"key":"e_1_3_2_1_16_1","unstructured":"Grant Reilly. 2018. Building a device for WebUSB. https:\/\/developer.chrome.com\/articles\/build-for-webusb\/"},{"key":"e_1_3_2_1_17_1","unstructured":"Hak5. 2023a. Payload Library for the USB Rubber Ducky. https:\/\/github.com\/hak5\/usbrubberducky-payloads"},{"key":"e_1_3_2_1_18_1","unstructured":"Hak5. 2023b. USB Rubber Ducky. https:\/\/hak5.org\/products\/usb-rubber-ducky"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3383219.3383248"},{"volume-title":"Seminar Work","author":"He Sheng","key":"e_1_3_2_1_20_1","unstructured":"Sheng He and Ing Christof Paar. 2007. SIM card security. In Seminar Work, Ruhr-University of Bochum."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"Peter C Johnson Sergey Bratus and Sean W Smith. 2017. Protecting against malicious bits on the wire: Automatically generating a USB protocol parser for a production kernel. In ACSAC.","DOI":"10.1145\/3134600.3134630"},{"key":"e_1_3_2_1_22_1","volume-title":"Forensic Log Based Detection For Keystroke Injection'' BadUsb'' Attacks. arXiv preprint arXiv:2302.04541","author":"Karantzas George","year":"2023","unstructured":"George Karantzas. 2023. Forensic Log Based Detection For Keystroke Injection'' BadUsb'' Attacks. arXiv preprint arXiv:2302.04541 (2023)."},{"key":"e_1_3_2_1_23_1","unstructured":"Ankit Kariryaa Gian-Luca Savino Carolin Stellmacher and Johannes Sch\u00f6ning. 2021. Understanding users' knowledge about the privacy and security of browser extensions. In USENIX."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44202-9_22"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"Chaz Lever Robert Walls Yacin Nadji David Dagon Patrick McDaniel and Manos Antonakakis. 2016. Domain-Z: 28 registrations later measuring the exploitation of residual trust in domains. In S&P.","DOI":"10.1109\/SP.2016.47"},{"key":"e_1_3_2_1_26_1","unstructured":"libratbag Team. 2023. libratbag. https:\/\/github.com\/libratbag\/libratbag"},{"volume-title":"Public Documentation of the Logitech HID Protocol. https:\/\/drive.google.com\/drive\/folders\/0BxbRzx7vEV7eWmgwazJ3NUFfQ28","key":"e_1_3_2_1_27_1","unstructured":"Logitech. 2018. Public Documentation of the Logitech HID Protocol. https:\/\/drive.google.com\/drive\/folders\/0BxbRzx7vEV7eWmgwazJ3NUFfQ28"},{"key":"e_1_3_2_1_28_1","unstructured":"Lottie Thomas. 2024. Launchpad MK2 Programmer's Reference Manual v1.03. Focusrite Audio Engineering LTD."},{"key":"e_1_3_2_1_29_1","unstructured":"Marcus Mengs. 2019. Summary \/ Overview of known Logitech wireless peripheral vulnerabilities. https:\/\/github.com\/mame82\/misc\/blob\/5e7f02962b5556a03aa6d4277c8618e536117f7b\/logitech_vuln_summary.md"},{"key":"e_1_3_2_1_30_1","volume-title":"Mouse Trap: Exploiting Firmware Updates in USB Peripherals. In WOOT.","author":"Maskiewicz Jacob","year":"2014","unstructured":"Jacob Maskiewicz, Benjamin Ellis, James Mouradian, and Hovav Shacham. 2014. Mouse Trap: Exploiting Firmware Updates in USB Peripherals. In WOOT."},{"key":"e_1_3_2_1_31_1","unstructured":"Microsoft. 2022. HID Architecture. https:\/\/learn.microsoft.com\/en-us\/windows-hardware\/drivers\/hid\/hid-architecture#hid-clients-supported-in-windows"},{"key":"e_1_3_2_1_32_1","unstructured":"Microsoft. 2023a. Copy the window or screen contents. https:\/\/support.microsoft.com\/en-us\/office\/copy-the-window-or-screen-contents-98c41969--51e5--45e1-be36-fb9381b32bb7"},{"key":"e_1_3_2_1_33_1","unstructured":"Microsoft. 2023b. Use voice typing to talk instead of type on your PC. https:\/\/support.microsoft.com\/en-us\/windows\/use-voice-typing-to-talk-instead-of-type-on-your-pc-fec94565-c4bd-329d-e59a-af033fa5689f"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3289100.3289121"},{"key":"e_1_3_2_1_35_1","unstructured":"Mozilla. 2023a. Clipboard API. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Clipboard\/"},{"key":"e_1_3_2_1_36_1","unstructured":"Mozilla. 2023b. Permissions Policy. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Permissions_Policy"},{"key":"e_1_3_2_1_37_1","unstructured":"Mozilla. 2023c. Referer. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Referer"},{"key":"e_1_3_2_1_38_1","unstructured":"Mozilla. 2023 d. Secure Context. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Security\/Secure_Contexts"},{"key":"e_1_3_2_1_39_1","unstructured":"Mozilla. 2023 e. Standard Positions. https:\/\/mozilla.github.io\/standards-positions\/#webhid"},{"key":"e_1_3_2_1_40_1","unstructured":"Mozilla. 2023 f. User Activation. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Security\/User_activation"},{"key":"e_1_3_2_1_41_1","unstructured":"Mozilla. 2023 g. Web APIs. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API"},{"key":"e_1_3_2_1_42_1","unstructured":"Mozilla. 2023 h. WebHID. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/WebHID_API"},{"key":"e_1_3_2_1_43_1","unstructured":"Mozilla. 2023 i. WebSerial. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Web_Serial_API"},{"key":"e_1_3_2_1_44_1","unstructured":"Mozilla. 2023 j. WebSerial. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Web_MIDI_API"},{"key":"e_1_3_2_1_45_1","unstructured":"Mozilla. 2024a. Progressive web apps. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Progressive_web_apps"},{"key":"e_1_3_2_1_46_1","unstructured":"Mozilla. 2024b. Site Permission Add-ons. https:\/\/support.mozilla.org\/en-US\/kb\/site-permission-add-ons"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Jens M\u00fcller Vladislav Mladenov Juraj Somorovsky and J\u00f6rg Schwenk. 2017. SoK: Exploiting Network Printers. In S&P.","DOI":"10.1109\/SP.2017.47"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPIN52536.2021.9566083"},{"key":"e_1_3_2_1_49_1","volume-title":"Usblock: Blocking usb-based keypress injection attacks. In DBSec.","author":"Neuner Sebastian","year":"2018","unstructured":"Sebastian Neuner, Artemios G Voyiatzis, Spiros Fotopoulos, Collin Mulliner, and Edgar R Weippl. 2018. Usblock: Blocking usb-based keypress injection attacks. In DBSec."},{"key":"e_1_3_2_1_50_1","volume-title":"KeySniffer and Beyond: Keystroke Sniffing and Injection Vulnerabilities in 2.4 GHz Wireless Mice and Keyboards. DEFCON","author":"Newlin Marc","year":"2016","unstructured":"Marc Newlin. 2016. MouseJack, KeySniffer and Beyond: Keystroke Sniffing and Injection Vulnerabilities in 2.4 GHz Wireless Mice and Keyboards. DEFCON (2016)."},{"key":"e_1_3_2_1_51_1","volume-title":"BadUSB - On Accessories that Turn Evil. Black Hat USA","author":"Nohl Karsten","year":"2014","unstructured":"Karsten Nohl and Jakob Lell. 2014. BadUSB - On Accessories that Turn Evil. Black Hat USA (2014)."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"crossref","unstructured":"Kazuki Nomoto Takuya Watanabe Eitaro Shioji Mitsuaki Akiyama and Tatsuya Mori. 2023. Browser Permission Mechanisms Demystified. In NDSS.","DOI":"10.14722\/ndss.2023.23109"},{"key":"e_1_3_2_1_53_1","volume-title":"Information Security Management Handbook","volume":"5","author":"Nozaki M.K.","unstructured":"M.K. Nozaki and H.F. Tipton. 2016. Information Security Management Handbook, Volume 5. Number v. 5. CRC Press."},{"key":"e_1_3_2_1_54_1","unstructured":"Open Web Application Security Project (OWASP). 2021. Top 10 Web Application Security Risks. https:\/\/owasp.org\/Top10\/"},{"key":"e_1_3_2_1_55_1","volume-title":"Leonardo Babun, and Selcuk Uluagac.","author":"Oz Harun","year":"2023","unstructured":"Harun Oz, Ahmet Aris, Abbas Acar, G\u00fcliz Seray Tuncay, Leonardo Babun, and Selcuk Uluagac. 2023. R\u00f8B: Ransomware over Modern Web Browsers. In USENIX."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"crossref","unstructured":"Andrew Regenscheid. 2017. Platform firmware resiliency guidelines.","DOI":"10.6028\/NIST.SP.800-193"},{"key":"e_1_3_2_1_57_1","volume-title":"MIDI: a Comprehensive Introduction","author":"Rothstein Joseph","unstructured":"Joseph Rothstein. 1995. MIDI: a Comprehensive Introduction, 2nd ed.Atlantic Books.","edition":"2"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"crossref","unstructured":"Merve Sahin Aur\u00e9lien Francillon Payas Gupta and Mustaque Ahamad. 2017. SoK: Fraud in Telephony Networks. In EuroS&P.","DOI":"10.1109\/EuroSP.2017.40"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"crossref","unstructured":"Michael Schwarz Moritz Lipp and Daniel Gruss. 2018. JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks. In NDSS.","DOI":"10.14722\/ndss.2018.23094"},{"key":"e_1_3_2_1_60_1","unstructured":"Victoria Shannon. 1999. The Rise and Fall of the Modem King. https:\/\/www.nytimes.com\/1999\/01\/07\/news\/the-rise-and-fall-of-the-modem-king.html"},{"key":"e_1_3_2_1_61_1","unstructured":"StatCounter Global Stats. 2023a. Operating System macOS Version Market Share Worldwide. https:\/\/gs.statcounter.com\/os-version-market-share\/macos\/desktop\/worldwide"},{"key":"e_1_3_2_1_62_1","unstructured":"StatCounter Global Stats. 2023b. Operating System Market Share Worldwide. https:\/\/gs.statcounter.com\/os-market-share\/desktop\/worldwide"},{"key":"e_1_3_2_1_63_1","unstructured":"Dave Jing Tian Adam Bates and Kevin Butler. 2015. Defending against malicious USB firmware with GoodUSB. In ACSAC."},{"key":"e_1_3_2_1_64_1","unstructured":"Dave Jing Tian Nolen Scaife Adam Bates Kevin Butler and Patrick Traynor. 2016. Making USB great again with USBFILTER. In USENIX."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"crossref","unstructured":"Jing Tian Nolen Scaife Deepak Kumar Michael Bailey Adam Bates and Kevin Butler. 2018. SoK:'' Plug & Pray'' today--understanding USB insecurity in versions 1 through C. In S&P.","DOI":"10.1109\/SP.2018.00037"},{"key":"e_1_3_2_1_66_1","unstructured":"USB Implementers Forum (USB-IF). 2000. USB 2.0 Specification. https:\/\/www.usb.org\/document-library\/usb-20-specification"},{"key":"e_1_3_2_1_67_1","unstructured":"USB Implementers Forum (USB-IF). 2001. Device Class Definition for Human Interface Devices (HID) - Version 1.11. https:\/\/www.usb.org\/sites\/default\/files\/hid111.pdf"},{"key":"e_1_3_2_1_68_1","unstructured":"Vuchener Cl\u00e9ment. 2015. HID library and tools. https:\/\/github.com\/cvuchener\/hidpp"},{"volume-title":"Web MIDI API W3C Editor","author":"W3C Audio Working Group","key":"e_1_3_2_1_69_1","unstructured":"W3C Audio Working Group. 2024. Web MIDI API W3C Editor's Draft. https:\/\/webaudio.github.io\/web-midi-api\/"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"crossref","unstructured":"Takuya Watanabe Eitaro Shioji Mitsuaki Akiyama and Tatsuya Mori. 2020. Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites.. In NDSS.","DOI":"10.14722\/ndss.2020.24140"},{"key":"e_1_3_2_1_71_1","unstructured":"Web Hypertext Application Technology Working Group (WHATWG). 2023. CORS Protocol. https:\/\/fetch.spec.whatwg.org\/#cors-protocol"},{"key":"e_1_3_2_1_72_1","unstructured":"Web Incubator Community Group (WICG). 2022. WebHID API Draft Community Group Report. https:\/\/wicg.github.io\/webhid\/"},{"key":"e_1_3_2_1_73_1","unstructured":"Web Incubator Community Group (WICG). 2023a. WebBluetooth GATT Blocklist. https:\/\/github.com\/WebBluetoothCG\/registries\/blob\/master\/gatt_blocklist.txt"},{"key":"e_1_3_2_1_74_1","unstructured":"Web Incubator Community Group (WICG). 2023b. WebHID Blocklist. https:\/\/github.com\/WICG\/webhid\/blob\/main\/blocklist.txt"},{"key":"e_1_3_2_1_75_1","unstructured":"Web Incubator Community Group (WICG). 2023c. WebHID Explainer. https:\/\/wicg.github.io\/webhid\/EXPLAINER.html"},{"key":"e_1_3_2_1_76_1","unstructured":"Web Incubator Community Group (WICG). 2023 d. WebSerial Bluetooth Service Blocklist. https:\/\/github.com\/WICG\/serial\/blob\/main\/bluetooth-service-blocklist.txt"},{"volume-title":"2023 e","author":"Web Incubator Community Group (WICG).","key":"e_1_3_2_1_77_1","unstructured":"Web Incubator Community Group (WICG). 2023 e. WebUSB API Draft Community Group Report. https:\/\/wicg.github.io\/webusb\/"},{"key":"e_1_3_2_1_78_1","unstructured":"Web Incubator Community Group (WICG). 2023 f. WebUSB Blocklist. https:\/\/github.com\/WICG\/webusb\/blob\/main\/blocklist.txt"},{"key":"e_1_3_2_1_79_1","unstructured":"Web Incubator Community Group (WICG). 2024a. Web Bluetooth API Draft Community Group Report. https:\/\/webbluetoothcg.github.io\/web-bluetooth\/"},{"key":"e_1_3_2_1_80_1","unstructured":"Web Incubator Community Group (WICG). 2024b. Web Serial API Draft Community Group Report. https:\/\/wicg.github.io\/serial\/"},{"key":"e_1_3_2_1_81_1","unstructured":"Wireshark. 2020. USB capture setup. https:\/\/wiki.wireshark.org\/CaptureSetup\/USB"}],"event":{"name":"WWW '25: The ACM Web Conference 2025","sponsor":["SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"],"location":"Sydney NSW Australia","acronym":"WWW '25"},"container-title":["Proceedings of the ACM on Web Conference 2025"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3696410.3714637","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3696410.3714637","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:56Z","timestamp":1750295936000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3696410.3714637"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,4,22]]},"references-count":81,"alternative-id":["10.1145\/3696410.3714637","10.1145\/3696410"],"URL":"https:\/\/doi.org\/10.1145\/3696410.3714637","relation":{},"subject":[],"published":{"date-parts":[[2025,4,22]]},"assertion":[{"value":"2025-04-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}