報告題目：USB Cable based Charging Attacks on Smartphones: Design and Impact
報 告 人：蒙威誌博士
摘 要：Smartphones such as Android phones and iPhones are widely adopted worldwide and users’ privacy are challenged by various malicious applications. In the academia, malware has received much attention, while the phone-charging threats are often ignored. However, current public charging facilities may open a hole for cyber attackers to infer private / sensitive data from smartphones. This talk first introduces several existing charging attacks via USB charging cable, as well as our developed Juice Filming Charging (JFC) attack that can steal users' private information through automatically video-capturing phone screen during the whole charging period, via a standard USB connector. The attack efficiency relies on the observations that users are not aware of any risk when charging their phones in public places and that most users would interact with their phone during the charging procedure. Then, this talk presents several potential solutions to defend against such attacks, and discusses the future directions.
報告人簡介：Dr. Weizhi Meng is currently an assistant professor in the Cyber Security Section, Department of Applied Mathematics and Computer Science, Technical University of Denmark (DTU), Denmark. He obtained his Ph.D. degree in Computer Science from the City University of Hong Kong (CityU), Hong Kong. Prior to joining DTU, he worked as a research scientist in Infocomm Security (ICS) Department, Institute for Infocomm Research, A*Star, Singapore, and as a senior research associate in CS Department, CityU. He won the Outstanding Academic Performance Award during his doctoral study, and is a recipient of the Hong Kong Institution of Engineers (HKIE) Outstanding Paper Award for Young Engineers/Researchers in both 2014 and 2017. He is also a recipient of Best Paper Award from ISPEC 2018, and Best Student Paper Award from NSS 2016. His primary research interests are cyber security and intelligent technology in security, including intrusion detection, smartphone security, biometric authentication, HCI security, trust management, blockchain in security, and malware analysis. He served as program committee members for 50+ international conferences. He was a co-PC chair for IEEE Blockchain 2018, IEEE ATC 2019, IFIPTM 2019, Socialsec 2019.