Zhuoran Liu, Léo Weissbart, Dirk Lauret (Radboud University)

Screen Gleaning is a TEMPEST attack in which the screen of a mobile device is read without a visual line of sight, revealing sensitive information displayed on the phone screen. Specifically, it uses a software-defined radio (SDR) to pick up the electromagnetic signals that the device sends to the screen to display, recreate a gray-scale image (i.e., an emage), and discriminates sensitive signals by machine learning. Specifically, we propose and analyze screen gleaning attacker models, propose testbeds, and validate the effectiveness of screen gleaning attacks by experiments. In this work, we focus on implementation details. We first talk about our experimental setup. We present the differences between the different types of displays used in mobile phones and discuss the testbed, data processing, and other factors that influence the effectiveness of the attack. This research demonstrated that the results of screen gleaning are strongly dependent on the setup e.g., the strength of the received signal significantly conditions the quality of the emage. The signal strength is influenced by the position of the antenna and the radiated signal strength of the display cable in the phone. TempestSDR is a software toolkit for remotely eavesdropping video monitors using a SDR receiver. This software was used to process the received signals. This research showed that TempestSDR is effective for digital and analog screens. In future research, we would like to design an SDR that will be able to allow screen gleaning attacks to be performed on all phones, regardless of their display type.

Speaker's biographies
Dirk Lauret received a Bachelor’s degree in Electrical Engineering from the Eindhoven University of Technology, the Netherlands, in 2018. He is currently pursuing three Master of Science programs: one degree in Electrical Engineering at the Eindhoven University of Technology, one degree in Information Security Technology at the Eindhoven University of Technology and Radboud University, and one degree in Science of Education and Communication at the Eindhoven University of Technology. His research interests are mobile communication systems, and side-channel attacks and countermeasures.

Zhuoran Liu received the M.Sc. degree from Radboud University, The Netherlands, in 2018. He is currently pursuing a Ph.D. in computer science at Radboud University. His research interests include multimedia privacy and security, recommender systems, and information retrieval.

Léo Weissbart received a Master's degree in Electrical and Computer engineering from l'Institut Polytechnique de Grenoble, France, in 2018. He is currently a Ph.D. candidate at EEMCS INSY of TU Delft and the Digital Security group of the Radboud University in Nijmegen, the Netherlands. His research interests are side-channel attacks and countermeasures, public-key cryptography, and Deep-Learning applied to side-channel analysis.

View More Papers

Trusted Verification of Over-the-Air (OTA) Secure Software Updates on...

Anway Mukherjee, Ryan Gerdes, and Tam Chantem (Virginia Tech)

Read More

Доверя́й, но проверя́й: SFI safety for native-compiled Wasm

Evan Johnson (University of California San Diego), David Thien (University of California San Diego), Yousef Alhessi (University of California San Diego), Shravan Narayan (University Of California San Diego), Fraser Brown (Stanford University), Sorin Lerner (University of California San Diego), Tyler McMullen (Fastly Labs), Stefan Savage (University of California San Diego), Deian Stefan (University of California…

Read More

EarArray: Defending against DolphinAttack via Acoustic Attenuation

Guoming Zhang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Xinfeng Li (Zhejiang University), Gang Qu (University of Maryland), Wenyuan Xu (Zhejing University)

Read More

A Devil of a Time: How Vulnerable is NTP...

Yarin Perry (The Hebrew University of Jerusalem), Neta Rozen-Schiff (The Hebrew University of Jerusalem), Michael Schapira (The Hebrew University of Jerusalem)

Read More