IEMI Threats for Information Security: Remote Command Injection on Modern Smartphones

Kasmi, Chaouki; Esteves, José Lopes

doi:10.1109/temc.2015.2463089

Cited by 78 publications

(70 citation statements)

References 8 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is because headphones can be used as FM antennas and can thus not be effectively shielded. It should be noted that the field strength required was in the order of 25−30 V m −1 , which is close to the limit for human safety, and an order of magnitude higher than the required immunity level (3 V m −1 ) [38]. This illustrates that high powers might still be required for reasonable attack distances: in a subsequent work, the authors noted that their attack requires a power of 40 W for a distance of 2 m, and 200 W for a distance of 4 m [40].…”

Section: Electromagnetic Transmissionsmentioning

confidence: 75%

“…The term (sensor) spoofing [8], [9], [14], [43] was also Injection [5], [13], [35], [38], [41]- [44] Intentional Interference [5], [10], [12], [36], [38], [40], [42], [49] Non-Linearity [11], [54], [55], [68] Spoofing [8], [9], [14], [43] Other (See Text) [7], [53], [67] avoided for similar reasons: it has an overloaded meaning in authentication contexts and with in-band signal injection attacks [6], [52]. Moreover, it does not capture the physical aspect of injections, and does not accurately describe coarsegrained attacks which lead to saturation of a sensor.…”

Section: Choice Of Terminologymentioning

confidence: 99%

“…Modulated (AM) signals [38]. These signals get picked up by the user's hands-free headset, are then demodulated due to non-linearities, and finally get executed by the software voiceprocessing service.…”

Section: Electromagnetic Transmissionsmentioning

confidence: 99%

“…These signals get picked up by the user's hands-free headset, are then demodulated due to non-linearities, and finally get executed by the software voiceprocessing service. It is interesting to note that by default, "a long hardware button press is required for launching the service" [38]. However, a Frequency-Modulated (FM) signal at the same frequency can also emulate this headphone button press [38], allowing the attack to be fully carried out remotely.…”

Section: Electromagnetic Transmissionsmentioning

confidence: 99%

See 3 more Smart Citations

Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Giechaskiel

Rasmussen

2020

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Recent research has shown that the integrity of sensor measurements can be violated through out-of-band signal injection attacks. These attacks target the conversion process from a physical quantity to an analog property-a process that fundamentally cannot be authenticated. Out-of-band signal injection attacks thus pose previously-unexplored security risks by exploiting hardware imperfections in the sensors themselves, or in their interfaces to microcontrollers. In response to the growingyet-disjointed literature in the subject, this article presents the first survey of out-of-band signal injection attacks. It focuses on unifying their terminology and identifying commonalities in their causes and effects through a chronological, evolutionary, and thematic taxonomy of attacks. By highlighting cross-influences between different types of out-of-band signal injections, this paper underscores the need for a common language irrespective of the attack method. By placing attack and defense mechanisms in the wider context of their dual counterparts of side-channel leakage and electromagnetic interference, this study identifies common threads and gaps that can help guide and inform future research. Overall, the ever-increasing reliance on sensors embedded in everyday commodity devices necessitates that a stronger focus be placed on improving the security of such systems against out-of-band signal injection attacks.

show abstract

Section: Electromagnetic Transmissionsmentioning

confidence: 75%

Section: Choice Of Terminologymentioning

confidence: 99%

Section: Electromagnetic Transmissionsmentioning

confidence: 99%

Section: Electromagnetic Transmissionsmentioning

confidence: 99%

See 2 more Smart Citations

Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Giechaskiel

Rasmussen

2020

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

show abstract

“…The google speech recognition library is very handful in this prospect. Kasmi and Esteves [9] considered the problem of coverting audio commands. The work in [10] proposes a Magical Mirror as an interface to provide basic services.…”

Section: Background Of Studymentioning

confidence: 99%

Artificially Intelligent Smart Mirror using Raspberry Pi

Kafi¹,

Alam²,

Hossain³

2018

IJCA

View full text Add to dashboard Cite

In this era of evolving technology, the human life is becoming simpler and time efficient. This paper depicts the design and development of smart mirror which will make our everyday life easier and time efficient. Smart Mirror is a simple mirror which has been enhanced by the help of technology. The aim of the smart mirror is to provide an easy way to information service such as news feeds, weather, clock etc. It also provides some basic AI features like real time interaction with users and so on. The Smart Mirror CPU is the Raspberry Pi 3 computer and the framework that retrieves data from the web through the Wi-Fi connectivity. Through facial recognition and speech recognition model, Smart Mirror can identify the user.

show abstract

Application of information communication network security management and control based on big data technology

2020

Int J Communication

View full text Add to dashboard Cite

Summary With the continuous development of communication technology and computer network technology and the continuous progress of social economy, information technology has penetrated into all aspects of people's lives. The basic task of communication network is to ensure the reliability and security of information transmission. Based on the above background, the purpose of this study is to study the application of information communication network security management and control based on big data technology. Based on the concept and management and control structure of information communication network, combined with the data collection and preprocessing in big data technology, this study analyzes the feasibility of big data technology applied in communication network management and control and expounds the specific application of big data technology from the four aspects of troubleshooting, security protection, business management, and resource allocation. At last, the test environment of information communication network security management and control platform based on big data technology is built in the laboratory to test the network management performance and routing transmission performance of the system. The experimental results show that the communication success rate of the information communication network security management and control platform based on big data technology remains to 91.78%. It can be seen from the test results that the information communication network security management and control platform based on big data technology can not only accurately collect sensor data but also have the function of real‐time monitoring network status and reconfiguration of nodes.

show abstract

IEMI Threats for Information Security: Remote Command Injection on Modern Smartphones

Cited by 78 publications

References 8 publications

Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Artificially Intelligent Smart Mirror using Raspberry Pi

Application of information communication network security management and control based on big data technology

Contact Info

Product

Resources

About