What You See is Not What You Get: a Man-in-the-Middle Attack Applied to Video Channels

Mauro Conti, Eleonora Losiouk, Alessandro Visintin

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

Abstract

People usually think that digital screens are reliable devices. Unfortunately, attackers can exploit this blind trust to persuade a user to perform unintended actions. In this paper, we present a novel type of Man-in-the-Middle attack named Man-in-the-Video. Man-in-the-Video intercepts the video stream flowing between a computer and its screen and modifies it on-the-fly. The objective of such attack is to distort the perception of reality and to induce improper user behaviour. We implemented HackDMI, a Man-in-the-Video attack performed over an HDMI cable. We applied this attack to a realistic threat scenario (i.e., phishing) and we evaluated it with quantitative measures. HackDMI is able to deceptively modify a 720p video stream, while maintaining a frame-rate of 14FPS. We also recorded three demo videos for qualitative evaluation.

Original languageEnglish
Title of host publicationProceedings of the 37th ACM/SIGAPP Symposium on Applied Computing, SAC 2022
PublisherAssociation for Computing Machinery (ACM)
Pages1723-1726
Number of pages4
ISBN (Electronic)9781450387132
DOIs
Publication statusPublished - 2022
Externally publishedYes
Event37th ACM/SIGAPP Symposium on Applied Computing, SAC 2022 - Virtual, Online
Duration: 25 Apr 202229 Apr 2022

Publication series

NameProceedings of the ACM Symposium on Applied Computing

Conference

Conference37th ACM/SIGAPP Symposium on Applied Computing, SAC 2022
CityVirtual, Online
Period25/04/2229/04/22

Keywords

  • HDMI
  • man-in-the-middle attack
  • video channel communication protocols

Fingerprint

Dive into the research topics of 'What You See is Not What You Get: a Man-in-the-Middle Attack Applied to Video Channels'. Together they form a unique fingerprint.

Cite this