TY - GEN
T1 - Tap 'n ghost
T2 - 40th IEEE Symposium on Security and Privacy, SP 2019
AU - Maruyama, Seita
AU - Wakabayashi, Satohiro
AU - Mori, Tatsuya
PY - 2019/5
Y1 - 2019/5
N2 - We present a novel attack named 'Tap 'n Ghost', which aims to attack the touchscreens of NFC-enabled mobile devices such as smartphones. Tap 'n Ghost consists of two striking attack techniques: 'Tag-based Adaptive Ploy (TAP)' and 'Ghost Touch Generator.' First, using an NFC card emulator embedded in a common object such as a table, a TAP system performs tailored attacks on the victim's smartphone by employing device fingerprinting; e.g., popping up a customized dialogue box asking whether or not to connect to an attacker's Bluetooth mouse. Further, Ghost Touch Generator forces the victim to connect to the mouse even if she or he aimed to cancel the dialogue by touching the 'cancel' button; i.e., it alters the selection of a button on a screen. After the connection is established, the attacker can remotely take control of the smartphone, with the knowledge about the layout of the screen derived from the device fingerprinting. To evaluate the reality of the attack, we perform an online survey with 300 respondents and a user study involving 16 participants. The results demonstrate that the attack is realistic. We additionally discuss the possible countermeasures against the threats posed by Tap 'n Ghost.
AB - We present a novel attack named 'Tap 'n Ghost', which aims to attack the touchscreens of NFC-enabled mobile devices such as smartphones. Tap 'n Ghost consists of two striking attack techniques: 'Tag-based Adaptive Ploy (TAP)' and 'Ghost Touch Generator.' First, using an NFC card emulator embedded in a common object such as a table, a TAP system performs tailored attacks on the victim's smartphone by employing device fingerprinting; e.g., popping up a customized dialogue box asking whether or not to connect to an attacker's Bluetooth mouse. Further, Ghost Touch Generator forces the victim to connect to the mouse even if she or he aimed to cancel the dialogue by touching the 'cancel' button; i.e., it alters the selection of a button on a screen. After the connection is established, the attacker can remotely take control of the smartphone, with the knowledge about the layout of the screen derived from the device fingerprinting. To evaluate the reality of the attack, we perform an online survey with 300 respondents and a user study involving 16 participants. The results demonstrate that the attack is realistic. We additionally discuss the possible countermeasures against the threats posed by Tap 'n Ghost.
KW - Attack
KW - NFC
KW - Smartphone
KW - Touchscreen
UR - http://www.scopus.com/inward/record.url?scp=85072937701&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85072937701&partnerID=8YFLogxK
U2 - 10.1109/SP.2019.00037
DO - 10.1109/SP.2019.00037
M3 - Conference contribution
AN - SCOPUS:85072937701
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 620
EP - 637
BT - Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 19 May 2019 through 23 May 2019
ER -