RethinkingSmartphone Charging Attacks:
Design and Defence
报告人：Dr. Weizhi Meng
时间：3:00 p.m. on Wednesday, May 30th, 2018
地点：ROOM F706, New Main Building
As smartphones havebecome both integral and ubiquitous in our daily lives, they have attracted theinterest of cyber criminals who are trying to steal users' private information.Nowadays, smartphone security has received much attention, while most existingresearch focuses on the detection of malicious applications (malware).Incontrast, phone-charging threats are often ignored by the literature. In thistalk, I begin by introducing some existing charging attacks, including ourdeveloped one called juice filming charging (JFC) attack. Our attack can stealusers' private information through automatically video-capturing phone screenvia a standard USB connector. The attack efficiency relies on the observationsthat users are not aware of any risk when charging their phones in public placesand that most users would interact with their phone during the chargingprocedure. Then, I introduce several potential solutions to defend againstcharging attacks, i.e., monitoring the processor usage.
Dr. Weizhi Meng iscurrently an assistant professor in the Cyber Security Section, Department ofApplied Mathematics and Computer Science, Technical University of Denmark(DTU), Denmark. He obtained his Ph.D. degree in Computer Science from the CityUniversity of Hong Kong (CityU), Hong Kong in 2013. Prior to joining DTU, heworked as a research scientist in Infocomm Security (ICS) Department, Institutefor Infocomm Research, Singapore for over two years, and as a senior researchassociate in CityU. He won the Outstanding Academic Performance Award duringhis doctoral study, and is a recipient of the Hong Kong Institution ofEngineers (HKIE) Outstanding Paper Award for Young Engineers/Researchers inboth 2014 and 2017. He is also a co-recipient of best student paper from NSS2016. His primary research interests are cyber security and intelligenttechnology in security, including intrusion detection, mobile security,biometric authentication, HCI security, trust computing, web security, andmalware analysis. He also shows a strong interest in applied cryptography. Heserved as program committee members for various international conferences andis a co-program chair for IEEE Blockchain 2018.