Consumers and businesses face a growing tide of malicious software that threatens the stability and performance of their computers and the security of their data. Computer programmers with malicious motivations have created and continue to create viruses, Trojan horses, worms and other programs in an attempt to compromise computer systems. These malicious programs are often referred to as malware.
Malware authors are constantly innovating to devise new methods for delivering their malware. In one attack, a device may be configured to present to computing systems as a human interface device, but may instead include a microcontroller programmed to submit malicious inputs when installed (e.g., to access unwanted and/or malicious Internet resources, such as advertisements or executable files). For example, a malicious Universal Serial Bus (“USB”) device may be designed to look like a USB flash drive, but may register with a computing system as a human interface device (e.g., a keyboard, a mouse, etc.). When a curious user plugs the device into a computing system, an operating system may automatically install a generic device driver for the device and immediately accept any inputs from the device (e.g., keyboard events, mouse events, etc.), allowing the device to control the computing system. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for identifying malware threat vectors.