JFCGuard: Detecting juice filming charging attack via processor usage analysis on smartphones

Abstract: Smartphones have become necessities in people's lives, and many more public charging stations are being deployed worldwide (e.g., in airports, subways, and shops) to meet the increasing demand for phone charging. However, this situation may open a hole for cyber-criminals to launch various attacks, especially charging attacks, and threaten users' privacy. As an example, the juice filming charging (JFC) attack is able to steal users' sensitive and private information from both Android OS and iOS devices by automatically recording the phone screen and monitoring users' inputs during the whole charging period. More importantly, this attack does not need any permission or the installation of any app on the user's side. The rationale is that users' information can be leaked through a standard micro USB connector that employs the Mobile High-Definition Link (MHL) standard. Motivated by the potential damage of the JFC attack, in this work we investigate its impact on processor usage, including both CPU and GPU usage. We find that the JFC attack causes a noticeable usage increase when the phone is connected to the JFC charger. We then design a security mechanism, called JFCGuard, that detects the JFC attack for smartphone users based on processor usage analysis. In the evaluation, we perform a user study with over 250 participants, and the results demonstrate that JFCGuard can identify the JFC attack effectively. Our work aims to complement existing research results and stimulate more research in this area.
