计算机科学
无线
计算机安全
信息泄露
无线安全
窃听
无线网络
计算机网络
电信
作者
Jianwei Liu,Xiaopeng Zou,Lian Zhao,Yi Tao,Sideng Hu,Jinsong Han,Kui Ren
出处
期刊:IEEE Transactions on Dependable and Secure Computing
[Institute of Electrical and Electronics Engineers]
日期:2022-01-01
卷期号:: 1-1
被引量:3
标识
DOI:10.1109/tdsc.2022.3173063
摘要
Wireless charging is becoming an essential power supply pattern for electronic devices. Currently, mainstream smartphones are almost compatible with wireless charging. However, when the charging efficiency is continuously improved, its security challenge still remains open yet overlooked. In this paper, we reveal that severe security flaws exist in the wireless charging procedure of off-the-shelf commodity smartphones. Specifically, we find that an attacker can utilize the electromagnetic induction effect between the wireless charger and the smartphone to detect the activities and operations performed on the smartphone. We term such attack as EM-Surfing side-channel attack and build a theoretical model to show its feasibility. To explore the hazard of \textit{EM-Surfing}, we propose a three-module attack method, with which we conduct real-world experiments over three mainstream models of smartphones. The results show that the attacker can achieve over 99%, 96%, 94%, and 97% accuracy when inferring the passcode, keystroke, App information, and speech content. We also design an App named SecCharging to prevent smartphones from EM-Surfing attacks. The defense experiment results demonstrate that SecCharging can mitigate the threats posed by EM-Surfing effectively.
科研通智能强力驱动
Strongly Powered by AbleSci AI