Malware spread from unprotected USB ports has been an increasing threat in recent years, resulting in a complete ban on using USB-based external devices on Army computers. As administrators have locked down auto-execute functions on Windows and other OSes, attackers have changed their tactics to spoofing hardware components, opening multiple devices (allowable under USB specs), and even exploiting holes in kernel drivers by sending specially crafted packets to the OS. Most systems provide little or no protection on the USB ports, based on the assumption that users will not attack their own computer. Chips that “talk” USB are completely configurable, widely available, and only a few dollars — providing a cheap and effective method to attack any computer, but particularly those without sophisticated users who are aware of such attacks. Cybernet is designing and implementing a low-cost USB hardware firewall that will provide another layer of assurance against malformed packet attacks by validating the USB connection and packets, while preventing a device from lying about its device type(s). Device storage will provide a log of firewall activity, and help in forensic analysis of unknown or untrusted devices.