Harvesting smartphone privacy through enhanced juice filming charging attacks

Weizhi MENG, Fei FEI, Wenjuan LI, Man Ho AU

Research output: Chapter in Book/Report/Conference proceedingChapters

18 Citations (Scopus)

Abstract

The increasingly high demand for smartphone charging in people’s daily lives has apparently encouraged much more public charging stations to be deployed in various places (e.g., shopping malls, airports). However, these public charging facilities may open a hole for cyber-criminals to infer private information and data from smartphone users. Juice filming charging (JFC) attack is a particular type of charging attacks, which is capable of stealing users’ sensitive information from both Android OS and iOS devices, through automatically monitoring and recording phone screen during the whole charging period. The rationale is that phone screen can be leaked through a standard micro USB connector, which adopts the Mobile High-Definition Link (MHL) standard. In practice, we identify that how to efficiently extract information from the captured videos remains a challenge for current JFC attack. To further investigate its practical influence, in this work, we focus on enhancing its performance in the aspects of extracting texts from images and correlating information, and then conducting a user study in a practical scenario. The obtained results demonstrate that our enhanced JFC attack can outperform the original one in collecting users’ information at large and extracting sensitive data with a higher accuracy. Our work aims to complement existing results and stimulate more efforts in defending smartphones against charging threats. Copyright © 2017 Springer International Publishing AG.

Original languageEnglish
Title of host publicationInformation security: 20th International Conference, ISC 2017, Ho Chi Minh City, Vietnam, November 22-24, 2017, proceedings
EditorsPhong Q. NGUYEN, Jianying ZHOU
Place of PublicationCham
PublisherSpringer
Pages291-308
ISBN (Electronic)9783319696591
ISBN (Print)9783319696584
DOIs
Publication statusPublished - 2017

Citation

Meng, W., Fei, F., Li, W., & Au, M. H. (2017). Harvesting smartphone privacy through enhanced juice filming charging attacks. In P. Q. Nguyen & J. Zhou (Eds.), Information security: 20th International Conference, ISC 2017, Ho Chi Minh City, Vietnam, November 22-24, 2017, proceedings (pp. 291-308). Springer. https://doi.org/10.1007/978-3-319-69659-1_16

Keywords

  • Mobile privacy and security
  • Android and iOS
  • Charging threat
  • OCR technology
  • Juice filming charging attack

Fingerprint

Dive into the research topics of 'Harvesting smartphone privacy through enhanced juice filming charging attacks'. Together they form a unique fingerprint.