Publication Type
Journal Article
Version
acceptedVersion
Publication Date
7-2024
Abstract
Modern smart TVs often communicate with their remote controls (including the smartphone-simulated ones) using multiple wireless channels (e.g., Infrared, Bluetooth, and Wi-Fi). However, this multi-channel remote control communication introduces a new attack surface. An inherent security flaw is that remote controls of most smart TVs are designed to work in a benign environment rather than an adversarial one, and thus wireless communications between a smart TV and its remote controls are not strongly protected. Attackers can leverage such a flaw to abuse the remote control communication and compromise smart TV systems. In this paper, we propose EvilScreen, a novel attack that exploits ill-protected remote control communications to access protected resources of a smart TV or even control the screen. EvilScreen exploits a multi-channel remote control mimicry vulnerability present in today's smart TVs. Unlike other attacks, which compromise the TV system by exploiting code vulnerabilities or malicious third-party apps, EvilScreen directly reuses commands of different remote controls, combines them together to circumvent deployed authentication and isolation policies, and finally accesses or controls TV resources remotely. We evaluated eight mainstream smart TVs and found that they are all vulnerable to EvilScreen attacks, including a Samsung product adopting the ISO/IEC security specification.
Keywords
Smart TV, remote control, multi-channel, authentication and authorization, security analysis
Discipline
Graphics and Human Computer Interfaces | Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Dependable and Secure Computing
Volume
21
Issue
4
First Page
1544
Last Page
1556
ISSN
1545-5971
Identifier
10.1109/TDSC.2023.3286182
Publisher
Institute of Electrical and Electronics Engineers
Citation
ZHANG, Yiwei; MA, Siqi; CHEN, Tiancheng; LI, Juanru; DENG, Robert H.; and BERTINO, Elisa.
EvilScreen attack: Smart TV hijacking via multi-channel remote control mimicry. (2024). IEEE Transactions on Dependable and Secure Computing. 21, (4), 1544-1556.
Available at: https://ink.library.smu.edu.sg/sis_research/9612
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TDSC.2023.3286182