Screen Gleaning is a TEMPEST attack in which the screen of a mobile device is read without a visual line of sight, revealing sensitive information displayed on the phone screen. Specifically, it uses a software-defined radio (SDR) to pick up the electromagnetic signals that the device sends to the screen to display, recreate a gray-scale image (i.e., an emage), and discriminates sensitive signals by machine learning. Specifically, we propose and analyze screen gleaning attacker models, propose testbeds, and validate the effectiveness of screen gleaning attacks by experiments. In this work, we focus on implementation details. We first talk about our experimental setup. We present the differences between the different types of displays used in mobile phones and discuss the testbed, data processing, and other factors that influence the effectiveness of the attack. This research demonstrated that the results of screen gleaning are strongly dependent on the setup e.g., the strength of the received signal significantly conditions the quality of the emage. The signal strength is influenced by the position of the antenna and the radiated signal strength of the display cable in the phone. TempestSDR is a software toolkit for remotely eavesdropping video monitors using a SDR receiver. This software was used to process the received signals. This research showed that TempestSDR is effective for digital and analog screens. In future research, we would like to design an SDR that will be able to allow screen gleaning attacks to be performed on all phones, regardless of their display type.

Speaker's biographies
Dirk Lauret received a Bachelor’s degree in Electrical Engineering from the Eindhoven University of Technology, the Netherlands, in 2018. He is currently pursuing three Master of Science programs: one degree in Electrical Engineering at the Eindhoven University of Technology, one degree in Information Security Technology at the Eindhoven University of Technology and Radboud University, and one degree in Science of Education and Communication at the Eindhoven University of Technology. His research interests are mobile communication systems, and side-channel attacks and countermeasures.

Zhuoran Liu received the M.Sc. degree from Radboud University, The Netherlands, in 2018. He is currently pursuing a Ph.D. in computer science at Radboud University. His research interests include multimedia privacy and security, recommender systems, and information retrieval.

Léo Weissbart received a Master's degree in Electrical and Computer engineering from l'Institut Polytechnique de Grenoble, France, in 2018. He is currently a Ph.D. candidate at EEMCS INSY of TU Delft and the Digital Security group of the Radboud University in Nijmegen, the Netherlands. His research interests are side-channel attacks and countermeasures, public-key cryptography, and Deep-Learning applied to side-channel analysis.

View More Papers

Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing

Jinghan Wang (University of California, Riverside), Chengyu Song (University of California, Riverside), Heng Yin (University of California, Riverside)

Read More

Tales of Favicons and Caches: Persistent Tracking in Modern...

Konstantinos Solomos (University of Illinois at Chicago), John Kristoff (University of Illinois at Chicago), Chris Kanich (University of Illinois at...

Read More

Measuring DoT/DoH Blocking Using OONI Probe: a Preliminary Study

S. Basso (Open Observatory of Network Interference)

Read More

Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile...

Zhuoran Liu (Radboud university), Niels Samwel (Radboud University), Léo Weissbart (Radboud University), Zhengyu Zhao (Radboud University), Dirk Lauret (Radboud University),...

Read More