Tap 'n ghost: A compilation of novel attack techniques against smartphone touchscreens

Seita Maruyama, Satohiro Wakabayashi, Tatsuya Mori

研究成果: Conference contribution

3 被引用数 (Scopus)

抄録

We present a novel attack named 'Tap 'n Ghost', which aims to attack the touchscreens of NFC-enabled mobile devices such as smartphones. Tap 'n Ghost consists of two striking attack techniques - - 'Tag-based Adaptive Ploy (TAP)' and 'Ghost Touch Generator.' First, using a NFC card emulator embedded in a common object such as table, a TAP system performs tailored attacks on the victim's smartphone by employing device fingerprinting; e.g., popping up a customized dialogue box asking whether or not to connect to an attacker's Bluetooth mouse. Further, Ghost Touch Generator forces the victim to connect to the mouse even if she or he aimed to cancel the dialogue by touching the 'cancel' button; i.e., it alters the selection of a button on a screen. After the connection is established, the attacker can remotely take control of the smartphone, with the knowledge about the layout of the screen derived from the device fingerprinting. To evaluate the reality of the attack, we perform an online survey with 300 respondents and a user study involving 16 participants. The results demonstrate that the attack is realistic. We additionally discuss the possible countermeasures against the threats posed by Tap 'n Ghost.

本文言語English
ホスト出版物のタイトルProceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019
出版社Institute of Electrical and Electronics Engineers Inc.
ページ620-637
ページ数18
ISBN(電子版)9781538666609
DOI
出版ステータスPublished - 2019 5
イベント40th IEEE Symposium on Security and Privacy, SP 2019 - San Francisco, United States
継続期間: 2019 5 192019 5 23

出版物シリーズ

名前Proceedings - IEEE Symposium on Security and Privacy
2019-May
ISSN(印刷版)1081-6011

Conference

Conference40th IEEE Symposium on Security and Privacy, SP 2019
CountryUnited States
CitySan Francisco
Period19/5/1919/5/23

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Software
  • Computer Networks and Communications

フィンガープリント 「Tap 'n ghost: A compilation of novel attack techniques against smartphone touchscreens」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル