Original Article

Software Framework for Detecting Offline USB-Based Attacks on Standalone Systems

Jessica Magdalin G.K¹, Logeshwaran B², Prabhakaran K³, Sujith B⁴, Dr. H. Abdul Rauf⁵
¹⁻⁴ Department of Computer Science and Engineering (Cyber Security), United Institute of Technology, Coimbatore, Tamil Nadu, India.
⁵ Principal, United Institute of Technology, Coimbatore, Tamil Nadu, India.

Published Online: May-June 2026

Pages: 82-90

Abstract

The widespread use of Universal Serial Bus (USB) storage devices has introduced significant cybersecurity vulnerabilities, particularly in standalone and air-gapped computing environments that operate without internet connectivity. Traditional antivirus solutions relying on cloud-based signature databases and periodic online updates are inherently ineffective in such offline scenarios, leaving critical systems exposed to malware propagated through removable media. This paper presents a lightweight, modular software framework for detecting offline USB-based attacks on standalone systems. The proposed framework employs a multi-layered detection architecture integrating extension-based file filtering, SHA-256 hash comparison against a locally maintained malware signature database, entropy-based identification of obfuscated or packed threats, and behaviour analysis techniques. Upon detection of a USB insertion event, the system autonomously triggers a recursive file scanner, classifies identified threats through a dynamic risk-scoring mechanism, and isolates malicious files via an automated quarantine subsystem. An alert notification interface implemented using Python Tkinter, a comprehensive logging module, and a graphical monitoring dashboard further enhance operational transparency and usability. The framework is implemented entirely in Python and PowerShell, requiring no internet dependency, and is validated through controlled experimental testing. Evaluation results demonstrate a mean threat detection accuracy of 94.3% across diverse malware sample categories, with an average USB-insertion-to-alert latency of 3.8 seconds and quarantine execution completing within 1.2 seconds. The proposed solution provides a practical, scalable, and reproducible cybersecurity mechanism suitable for industrial, governmental, and educational standalone environments.
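A sketch of the static layers named in the abstract (extension filter, SHA-256 lookup in a local signature set, entropy check) feeding a risk score over a recursive scan; this is an added example, not the authors' code. The extension list, weights, thresholds and all function names are assumptions, and the insertion trigger, behaviour analysis and the quarantine move itself are not shown.

```python
import hashlib
import math
import tempfile
from collections import Counter
from pathlib import Path

# Assumed values: the page does not give the paper's extension list, weights or thresholds.
RISKY_EXT = {".exe", ".scr", ".bat", ".vbs", ".lnk", ".ps1"}
ENTROPY_MIN = 7.2   # bits per byte; packed or encrypted data approaches 8.0
WEIGHTS = {"extension": 30, "hash": 100, "entropy": 40}
QUARANTINE_AT = 60  # entropy alone stays below this: archives and media are high-entropy too

def shannon_entropy(data):
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def score_file(path, known_bad):
    """Apply the three static layers to one file; return the layers that fired and a capped score."""
    data = Path(path).read_bytes()
    digest = hashlib.sha256(data).hexdigest()
    fired = {"extension": Path(path).suffix.lower() in RISKY_EXT,
             "hash": digest in known_bad,
             "entropy": shannon_entropy(data) >= ENTROPY_MIN}
    hits = [layer for layer, hit in fired.items() if hit]
    score = min(100, sum(WEIGHTS[layer] for layer in hits))
    return {"sha256": digest, "hits": hits, "score": score, "quarantine": score >= QUARANTINE_AT}

def scan_tree(root, known_bad):
    """Recursively score every file under root; unreadable files are recorded, not dropped."""
    report = {}
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        try:
            report[rel] = score_file(path, known_bad)
        except OSError as exc:
            report[rel] = {"error": str(exc), "hits": [], "score": 0, "quarantine": False}
    return report

def demo():
    payload = bytes(range(256)) * 16  # constructed stand-in for a packed file; entropy exactly 8.0
    samples = {"notes.txt": b"meeting notes " * 50, "report.pdf": b"constructed known-bad sample",
               "sub/blob.bin": payload, "sub/setup.scr": payload}
    known_bad = {hashlib.sha256(samples["report.pdf"]).hexdigest()}
    with tempfile.TemporaryDirectory() as root:  # stands in for the mounted USB volume
        for rel, content in samples.items():
            (Path(root) / rel).parent.mkdir(parents=True, exist_ok=True)
            (Path(root) / rel).write_bytes(content)
        return scan_tree(root, known_bad)
```

Calling `demo()` returns the per-file report for the constructed volume; in these assumed weights a signature match is decisive on its own, while a high-entropy file is quarantined only when a second layer also fires.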
