|
Touch screens on smart mobile devices such as cell phones or tablets allow both user input (touch events) and display output. For a touch screen to function, the mobile device stores input and display data in a graphics buffer internal to the device. The researchers have discovered that a malicious application running on the mobile device could silently monitor characteristics of the graphics buffer to identify the alphanumeric characters that the user types into the touch keyboard or information displayed on the screen. The malicious application could then send that information to a third party, violating the confidentiality of the user's input or output. This project is assessing the feasibility of attacks on the graphics buffer and studying characteristics of graphics buffer vulnerabilities. The researchers are developing software- and hardware-based defenses to mitigate such vulnerabilities.
The researchers are studying attacks that use a CPU cache-based side channel, a technique for deriving the access pattern of a process from another process, to identify which locations on the screen are being modified, allowing the attacker to gain information about user I/O activity such as data being typed on a keyboard. Prior work on cache-based side channel attacks and defenses has focused on cryptographic algorithms where the critical data has a small memory footprint, and is read-only. In contrast, graphics buffers are extremely large (on the order of MBytes), and are both read and written to, requiring new approaches for attacks and defenses. The project is studying how such attacks might be generalized, as well as the extent of feasible resolution and precision. Finally, the researchers are designing countermeasures, considering security, performance overhead, complexity, and impact on the core process pipeline and caches.
|
TWC: Small: Cache-based Side Channel Attacks on Smartphone Graphics Buffers: New Vulnerabilities and Defenses