Presented at
Black Hat USA 2022,
Aug. 10, 2022, 3:20 p.m.
(40 minutes)
Touchscreen-based electronic devices such as smart phones and smart tablets are widely used in our daily life. While the security of electronic devices has been heavily investigated recently, the resilience of touchscreens against various attacks has yet to be thoroughly investigated. In this presentation, for the first time, we show how touchscreen devices are vulnerable to Intentional Electromagnetic Interference (IEMI) attacks in a systematic and practical way.
Not only showing how practical IEMI attacks are established on touchscreens, we will also analyze and quantify the underlying mechanism allowing our novel touchscreen attacks in detail. We will show and explain how to calculate the minimum amount of electric field and signal frequency required to induce false touch events. The induced touch events allow attackers to remotely perform short-tap, long-press, and omni-directional gesture on touchscreen devices under a regular conference table without physically touching the victim devices.
Beyond simply showing how to generate touch events under an ideal scenario, we will introduce our novel and necessary techniques to build up the attack chains in a practical way, such as designing and using a phone locator to infer the position and orientation of the target smart phone out of sight, knowing if the injected IEMI signal works without seeing the screen, etc. We will show and explain how our state-of-the-art attack can be remotely used on different touchscreen devices and deliver practical attack outcomes, including unlocking gesture based pin lock, installing malware on Android devices, and connecting Siri on iOS devices.
Presenters:
-
Shuo Wang
- Professor, University of Florida
Shuo Wang received the PhD degree in Electrical Engineering from Virginia Tech, Blacksburg, VA in 2005. He is currently a full professor with the Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL. Dr. Shuo Wang has published more than 200 IEEE journal and conference papers and holds around 30 pending/issued US patents. He is an Associate Editor for the IEEE Transactions on Industry Applications and IEEE Transactions on Electromagnetic Compatibility. Dr. Wang was a recipient of the National Science Foundation CAREER Award in 2012. He has been an IEEE Fellow since 2019.
-
Yier Jin
- Associate Professor, University of Florida
Yier Jin is the Endowed IoT Term Professor in the Warren B. Nelms Institute for the Connected World and also an Associate Professor in the Department of Electrical and Computer Engineering (ECE) in the University of Florida (UF). His research focuses on the areas of embedded systems design and security, trusted hardware intellectual property (IP) cores and hardware-software co-design for modern computing systems. He is currently focusing on the design and security analysis on Internet of Things (IoT) and wearable devices with particular emphasis on information integrity and privacy protection in the IoT era. He has presented in Black Hat USA, Black Hat Europe, and RSA Conference.
-
Boyi Zhang
- Research Assistant, University of Florida
Boyi Zhang received the B.S degree in electrical engineering from the Harbin Institute of Technology, Harbin, China, in 2015. He received his M.S. and PhD degrees in electrical and computer engineering from the University of Florida, Gainesville, FL, USA, in 2017 and 2021, respectively. He is currently working as an R&D staff member in the Milan M. Jovanović Power Electronics Lab (MPEL) of Delta Electronics (Americas) Ltd. His research interests include wide bandgap power module packaging and electromagnetic interference (EMI) in power electronics systems.
-
Haoqi Shan
- Research Assistant, University of Florida
Haoqi Shan is a PhD student and graduate research assistant at the University of Florida. His research interests include side channel analysis, program analysis, secure architecture design, etc. Prior to his PhD program, he was a senior wireless security researcher at Qihoo 360 for three years. He has extensive experience in security research, especially where the hardware gets involved. He gave multiple research presentations at top tier security conferences, including Black Hat, Defcon, HITB, etc.
Links:
Similar Presentations: