HID attacks have gradually made up as one of the major cyberspace threats that currently exist as far as current exploitations by decent operating systems are concerned, intended only for trusting USB devices. The attacks included the use of compromised USB devices for payload delivery using applications such as BadUSB and Rubber Ducky in commands to avoid security mechanisms and gain unauthorized access to the system's mechanisms. This survey paper reviews comprehensive literature related to HID attacks, covering various attack techniques, detection methods, and mitigation strategies proposed by different researchers. It has been found that most traditional security solutions such as antivirus applications and endpoint protection solutions fail to identify any HID-based threats as these execute at the hardware level. Many research efforts were made toward developing machine learning-based detection mechanisms, cryptographic authentication, and solutions to develop the hardware security subsystem to fight against such attacks. However, the attackers always change their tactics, so there must be a strategy of multi-layered defense consisting of appropriate real-time monitoring, enforcement of policies, and user awareness training. It also discusses several gaps that nations still have in HID attack mitigation and most importantly, future work in adaptive and proactive security measures research.
