If you’ve ever watched with anxiety as the battery on your smartphone ran out, you appreciate the value of a publicly available electrical outlet. Plugging in to a public charging station, however, makes your phone or other device vulnerable in more ways than one.
A charging cable that can also transfer data makes users vulnerable to direct hacks, known as “juice-jacking.” NYIT researchers have found that even without a data-transfer cable, indirect or “side channel” hacks can be successful via a compromised electrical outlet. The particular side channel tested at NYIT involves looking at the way a device consumes electrical power and using that information to determine which websites a phone’s user visited while the phone was plugged in to charge.
The research team includes three NYIT School of Engineering and Computing Sciences faculty members: Kiran Balagani, Aydin Farajidavar, and Paolo Gasti. They were joined by College of William & Mary Associate Professor Gang Zhou and William & Mary Ph.D. student Qing Yang.
To conduct the study, the researchers identified a range of power use signatures. They then launched attacks under various conditions, targeting power use data and figuring out which sites were visited while the phones were plugged in.
Gasti said the side-channel attacks were successful because “webpages have a signature that reflects the way they load and consume energy.” The remaining power traces act like a thumbprint indicating which sites have been visited.
Various factors such as battery charging level, browser cache enabled/disabled, taps on the screen, and Wi-Fi/LTE influenced the accuracy rate in tracing websites visited. Some conditions, such as a fully charged battery, facilitate a fast and accurate penetration, while others, such as tapping the screen while a page is loading, lessen hackers’ ability to determine what website is being viewed.
Regardless of the conditions, the important finding from this work is that such an attack can indeed be carried out successfully. Even the slower, less accurate attempts at penetration were accurate about half the time within six seconds.
“Although this was an early study of power use signatures,” said Gasti, “it’s very likely that information besides browsing activity can also be stolen via this side channel. Since public USB charging stations are so widely used, people need to be aware that there might be security issues with them. For example, informed users might choose not to browse the web while charging.”