Threats and Limitations of Terrestrial Broadcast Attacks
[EN] The DVB standard does not mandate the use of authentication and integrity protection for transport streams. This allows malicious third parties to replace legitimate broadcasts by overpowering terrestrial transmissions. The rogue signal can then deliver a malicious broadcast stream to exploit s...
| Autores: | , , |
|---|---|
| Formato: | artículo |
| Fecha de publicación: | 2018 |
| País: | España |
| Recursos: | Universidad del País Vasco |
| Repositorio: | Addi. Archivo Digital para la Docencia y la Investigación |
| OAI Identifier: | oai:addi.ehu.eus:10810/65614 |
| Acesso em linha: | http://hdl.handle.net/10810/65614 |
| Access Level: | acceso abierto |
| Palavra-chave: | DVB-T HbbTV security Smart TV CCPR |
| Resumo: | [EN] The DVB standard does not mandate the use of authentication and integrity protection for transport streams. This allows malicious third parties to replace legitimate broadcasts by overpowering terrestrial transmissions. The rogue signal can then deliver a malicious broadcast stream to exploit security vulnerabilities on Smart TVs (STV) in range. We implemented a proof-of-concept attack based on a malicious HbbTV app, able to acquire permanent system-level access to a STV over the air, in less than ten seconds. These attacks, however, are severely limited in range due to required co-channel protection ratios (CCPR), which is in direct contradiction to previous publications. We present evidence for these limitations in form of lab experiments, extensive simulations, and field measurements. To this end, we developed an automated, low-cost method for CCPR determination, as well as a method for non disruptive attack range measurements based on a gap filler and the resulting channel impulse response. |
|---|