This research is conducted to find a solution to prevent the spreading the Shortcut Trojan malware using the Access Control List modification method which is applied on USB Flash Disk (UFD) external storage. Shortcut Trojan infects UFD by injecting AutoRun.inf and AntiSys.exe files in the root directory of UFD which is connected to infected computers.  Once the infected UFD is connected to another unprotected host, the AutoRun.inf file in UFD will be run automatically executed its AntiSys.exe file in the victim host and the Trojan’s payload will compromise the host. The simply method to prevent Trojan malware which is inject AutoRun.inf file to UFD root directory is to protect the UFD root directory against the writing activities, as a consequence some sub-folder should be created under the root directory with no restriction so that the UFD still can be use properly. Access Control List (ACL) is a security policy feature provide by Microsoft Windows Operating System which is allow users to protect folder using a series of permission configuration. Applying ACL policy on UFD is implemented in this research where two UFD with ACL modification and with factory standard is compared its behavior against Shortcut Trojan infection.The result of this research shown that the Access Control List modification method on UFD effectively performed its functions in order to prevent the spreading of Shortcut Trojan where the Shortcut Trojan has lost its ability to infect the UFD which was modified on its ACL

 

Keywords: root directory, prevent the spreading, access control list

Abraham Silberschatz, Peter Baer Galvin, Greg Gagne, “Operating System Conceptâ€, 6th, Wiley, 2001

Britannica Encyclopedia, “Malwareâ€, www.britannica.com, 4 Juli 2014

Microsoft, “Access Control Listsâ€, http://msdn.microsoft.com/en-us/library/windows/desktop/aa374872%28v=vs.85%29.aspx