Zhuoran Liu, Léo Weissbart, Dirk Lauret (Radboud University)

Screen Gleaning is a TEMPEST attack in which the screen of a mobile device is read without a visual line of sight, revealing sensitive information displayed on the phone screen. Specifically, it uses a software-defined radio (SDR) to pick up the electromagnetic signals that the device sends to the screen to display, recreate a gray-scale image (i.e., an emage), and discriminates sensitive signals by machine learning. Specifically, we propose and analyze screen gleaning attacker models, propose testbeds, and validate the effectiveness of screen gleaning attacks by experiments. In this work, we focus on implementation details. We first talk about our experimental setup. We present the differences between the different types of displays used in mobile phones and discuss the testbed, data processing, and other factors that influence the effectiveness of the attack. This research demonstrated that the results of screen gleaning are strongly dependent on the setup e.g., the strength of the received signal significantly conditions the quality of the emage. The signal strength is influenced by the position of the antenna and the radiated signal strength of the display cable in the phone. TempestSDR is a software toolkit for remotely eavesdropping video monitors using a SDR receiver. This software was used to process the received signals. This research showed that TempestSDR is effective for digital and analog screens. In future research, we would like to design an SDR that will be able to allow screen gleaning attacks to be performed on all phones, regardless of their display type.

Speaker's biographies
Dirk Lauret received a Bachelor’s degree in Electrical Engineering from the Eindhoven University of Technology, the Netherlands, in 2018. He is currently pursuing three Master of Science programs: one degree in Electrical Engineering at the Eindhoven University of Technology, one degree in Information Security Technology at the Eindhoven University of Technology and Radboud University, and one degree in Science of Education and Communication at the Eindhoven University of Technology. His research interests are mobile communication systems, and side-channel attacks and countermeasures.

Zhuoran Liu received the M.Sc. degree from Radboud University, The Netherlands, in 2018. He is currently pursuing a Ph.D. in computer science at Radboud University. His research interests include multimedia privacy and security, recommender systems, and information retrieval.

Léo Weissbart received a Master's degree in Electrical and Computer engineering from l'Institut Polytechnique de Grenoble, France, in 2018. He is currently a Ph.D. candidate at EEMCS INSY of TU Delft and the Digital Security group of the Radboud University in Nijmegen, the Netherlands. His research interests are side-channel attacks and countermeasures, public-key cryptography, and Deep-Learning applied to side-channel analysis.

View More Papers

Work in Progress: Programmable In-Network Obfuscation of DNS Traffic

Liang Wang, Hyojoon Kim, Prateek Mittal, Jennifer Rexford (Princeton University)

Read More

Deceptive Deletions for Protecting Withdrawn Posts on Social Media...

Mohsen Minaei (Visa Research), S Chandra Mouli (Purdue University), Mainack Mondal (IIT Kharagpur), Bruno Ribeiro (Purdue University), Aniket Kate (Purdue...

Read More

Obfuscated Access and Search Patterns in Searchable Encryption

Zhiwei Shang (University of Waterloo), Simon Oya (University of Waterloo), Andreas Peter (University of Twente), Florian Kerschbaum (University of Waterloo)

Read More

Time-Based CAN Intrusion Detection Benchmark

Deborah Blevins (University of Kentucky), Pablo Moriano, Robert Bridges, Miki Verma, Michael Iannacone, and Samuel Hollifield (Oak Ridge National Laboratory)

Read More