TY - GEN
T1 - What You See is Not What You Get
T2 - 37th ACM/SIGAPP Symposium on Applied Computing, SAC 2022
AU - Conti, Mauro
AU - Losiouk, Eleonora
AU - Visintin, Alessandro
PY - 2022
Y1 - 2022
N2 - People usually think that digital screens are reliable devices. Unfortunately, attackers can exploit this blind trust to persuade a user to perform unintended actions. In this paper, we present a novel type of Man-in-the-Middle attack named Man-in-the-Video. Man-in-the-Video intercepts the video stream flowing between a computer and its screen and modifies it on-the-fly. The objective of such attack is to distort the perception of reality and to induce improper user behaviour. We implemented HackDMI, a Man-in-the-Video attack performed over an HDMI cable. We applied this attack to a realistic threat scenario (i.e., phishing) and we evaluated it with quantitative measures. HackDMI is able to deceptively modify a 720p video stream, while maintaining a frame-rate of 14FPS. We also recorded three demo videos for qualitative evaluation.
AB - People usually think that digital screens are reliable devices. Unfortunately, attackers can exploit this blind trust to persuade a user to perform unintended actions. In this paper, we present a novel type of Man-in-the-Middle attack named Man-in-the-Video. Man-in-the-Video intercepts the video stream flowing between a computer and its screen and modifies it on-the-fly. The objective of such attack is to distort the perception of reality and to induce improper user behaviour. We implemented HackDMI, a Man-in-the-Video attack performed over an HDMI cable. We applied this attack to a realistic threat scenario (i.e., phishing) and we evaluated it with quantitative measures. HackDMI is able to deceptively modify a 720p video stream, while maintaining a frame-rate of 14FPS. We also recorded three demo videos for qualitative evaluation.
KW - HDMI
KW - man-in-the-middle attack
KW - video channel communication protocols
UR - http://www.scopus.com/inward/record.url?scp=85130325765&partnerID=8YFLogxK
U2 - 10.1145/3477314.3507233
DO - 10.1145/3477314.3507233
M3 - Conference contribution
AN - SCOPUS:85130325765
T3 - Proceedings of the ACM Symposium on Applied Computing
SP - 1723
EP - 1726
BT - Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing, SAC 2022
PB - Association for Computing Machinery (ACM)
Y2 - 25 April 2022 through 29 April 2022
ER -