ComSpike is a community visitors evaluation instrument and IDS (Intrusion Detection System). This module gives a rule-based intrusion detection engine for USB visitors.It is ready to detect several types of malicious actions in USB visitors, resembling keyboard or mouse injection, exfiltration of smart information over USB or information manipulation.It makes use of kernel modules to carry out deep packet inspection on USB visitors and depends on libusb to seize it.The module can be utilized to guard methods from USB-based assaults and to observe USB visitors for malicious actions.
ComSpike is a useful instrument for safety analysts and system directors who want to guard their methods from USB-based assaults.Additionally it is helpful for researchers who wish to examine USB visitors and develop new methods to detect malicious actions.ComSpike has been utilized in a lot of high-profile investigations, together with the investigation of the Stuxnet assault.
