Passwords Through HDMI Cables

A team of researchers has made a significant breakthrough in the field of side-channel attacks, developing a new method to eavesdrop on HDMI signals using deep learning that can be abused to steal your passwords and other sensitive data.

The researchers, from the Universidad de la República in Uruguay, have created a system that can recover images from the electromagnetic waves emitted by HDMI cables and connectors.

The attack, known as TEMPEST, has been a concern for security experts for decades. It involves capturing the electromagnetic waves emitted by electronic devices, such as computers and televisions, to recover sensitive information.

In the past, TEMPEST attacks have been used to recover images from analog video signals, but the switch to digital signals has made it much harder to eavesdrop on HDMI signals.

EHA

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access

The TEMPEST Attack Breakthrough

The breakthrough came when they developed a deep learning module that can map the electromagnetic signal back to the displayed image.

This advancement significantly surpasses previous methods, which relied on manual tuning and demodulation of signals.

A novel system leverages a convolutional neural network (CNN) to infer source images from the baseband complex samples obtained via Software-Defined Radio (SDR).

Researchers evaluated their system on a dataset comprising over 3,500 samples, including both simulated and real captures.

Experimental setup. The enumeration corresponds to 1) antenna, 2) RF filters and amplifier, 3) SDR, and 4) the spying computer running a GNU Radio flowgraph

Findings revealed a substantial improvement in the average Character Error Rate (CER), with a reduction exceeding 60 percentage points compared to earlier techniques.

Additionally, the system demonstrated the capability to recover images from signals previously deemed too weak for detection.

Implications of this research are profound, emphasizing the potential vulnerability of HDMI signals to eavesdropping.

Researchers indicate that their system could be utilized to extract sensitive information, such as passwords or confidential data, from electronic devices. They also propose that the system could inform the development of new countermeasures against TEMPEST attacks.

According to the research report, The researchers have made their dataset and code publicly available, hoping to advance research in this area.

They also suggest that future research could focus on developing new methods to prevent TEMPEST attacks, such as using shielding or filtering to reduce the electromagnetic emissions from HDMI cables and connectors.

Developing a new method to eavesdrop on HDMI signals using deep learning is a significant breakthrough in side-channel attacks.

The system has the potential to recover sensitive information from electronic devices and highlights the need for new countermeasures to prevent TEMPEST attacks.

As research in this area advances, we will likely see new and innovative methods to prevent and detect TEMPEST attacks.

Download Free Cybersecurity Planning Checklist for SME Leaders (PDF) – Free Download

LEAVE A REPLY

Please enter your comment!
Please enter your name here