Threats and Limitations of Terrestrial Broadcast Attacks

[EN] The DVB standard does not mandate the use of authentication and integrity protection for transport streams. This allows malicious third parties to replace legitimate broadcasts by overpowering terrestrial transmissions. The rogue signal can then deliver a malicious broadcast stream to exploit s...

ver descrição completa

Detalhes bibliográficos
Autores: Michéle, Benjamin, Peña Valverde, Ivan, Angueira Buceta, Pablo
Formato: artículo
Fecha de publicación:2018
País:España
Recursos:Universidad del País Vasco
Repositorio:Addi. Archivo Digital para la Docencia y la Investigación
OAI Identifier:oai:addi.ehu.eus:10810/65614
Acesso em linha:http://hdl.handle.net/10810/65614
Access Level:acceso abierto
Palavra-chave:DVB-T
HbbTV
security
Smart TV
CCPR
Descrição
Resumo:[EN] The DVB standard does not mandate the use of authentication and integrity protection for transport streams. This allows malicious third parties to replace legitimate broadcasts by overpowering terrestrial transmissions. The rogue signal can then deliver a malicious broadcast stream to exploit security vulnerabilities on Smart TVs (STV) in range. We implemented a proof-of-concept attack based on a malicious HbbTV app, able to acquire permanent system-level access to a STV over the air, in less than ten seconds. These attacks, however, are severely limited in range due to required co-channel protection ratios (CCPR), which is in direct contradiction to previous publications. We present evidence for these limitations in form of lab experiments, extensive simulations, and field measurements. To this end, we developed an automated, low-cost method for CCPR determination, as well as a method for non disruptive attack range measurements based on a gap filler and the resulting channel impulse response.