@inproceedings{a60458df989e4685a1e8217fd910f36a,
title = "The curious case of the curious case: Detecting touchscreen events using a smartphone protective case",
abstract = "Security-conscious users are very careful with software they allow their phone to run. They are much less careful with the choices they make regarding accessories such as headphones or chargers and only few, if any, care about cyber security threats coming from the phone's protective case. We show how a malicious smartphone protective case can be used to detect and monitor the victim's interaction with the phone's touchscreen, opening the door to keylogger-like attacks, threatening the user's security and privacy. This feat is achieved by implementing a hidden capacitive sensing mechanism inside the case. Our attack is both sensitive enough to track the user's finger location across the screen, and simple and cheap enough to be mass-produced and deployed en masse. We discuss the theoretical principles behind this attack, present a preliminary proof-of-concept, and discuss potential countermeasures and mitigations.",
keywords = "Privacy, Security, Smartphone, Touchscreen leak",
author = "Tomer Gluck and Rami Puzis and Yossi Oren and Asaf Shabtai",
note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017 ; Conference date: 29-04-2017 Through 30-04-2017",
year = "2017",
month = jun,
day = "30",
doi = "10.1109/EuroSPW.2017.58",
language = "English",
series = "Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017",
publisher = "Institute of Electrical and Electronics Engineers",
pages = "99--103",
booktitle = "Proceedings - 2nd IEEE European Symposium on Security and Privacy Workshops, EuroS and PW 2017",
address = "United States",
}