{"title":"chromecast网络通信黑箱安全性评价","authors":"Ali Tekeoglu, A. Tosun","doi":"10.1109/PCCC.2014.7017050","DOIUrl":null,"url":null,"abstract":"Chromecast is a small, system-on-chip device, that plugs into the HDMI port of a larger screen and turns it into a smart screen. It is designed for multimedia streaming in a home-network environment. By setting up Chromecast, you can stream videos onto a larger screen and control it from a mobile device such as a smart-phone, tablet or a laptop. We examined the network packets exchanged between the smaller remote control device and the Chromecast attached larger screen. While Chromecast encrypts most of the content, remote control device sends control packets to the remote servers in the clear-text, which makes it vulnerable to reply-attacks or session-hijacking attacks. Besides, data transmission pattern leak personal information outside of the home-network, raising privacy concerns. Network protocols used by Chromecast are investigated and known vulnerabilities are listed. A method to detect the existence of Chromecast behind a home-router is proposed.","PeriodicalId":105442,"journal":{"name":"2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Blackbox security evaluation of chromecast network communications\",\"authors\":\"Ali Tekeoglu, A. Tosun\",\"doi\":\"10.1109/PCCC.2014.7017050\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Chromecast is a small, system-on-chip device, that plugs into the HDMI port of a larger screen and turns it into a smart screen. It is designed for multimedia streaming in a home-network environment. By setting up Chromecast, you can stream videos onto a larger screen and control it from a mobile device such as a smart-phone, tablet or a laptop. We examined the network packets exchanged between the smaller remote control device and the Chromecast attached larger screen. While Chromecast encrypts most of the content, remote control device sends control packets to the remote servers in the clear-text, which makes it vulnerable to reply-attacks or session-hijacking attacks. Besides, data transmission pattern leak personal information outside of the home-network, raising privacy concerns. Network protocols used by Chromecast are investigated and known vulnerabilities are listed. A method to detect the existence of Chromecast behind a home-router is proposed.\",\"PeriodicalId\":105442,\"journal\":{\"name\":\"2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PCCC.2014.7017050\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PCCC.2014.7017050","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Blackbox security evaluation of chromecast network communications
Chromecast is a small, system-on-chip device, that plugs into the HDMI port of a larger screen and turns it into a smart screen. It is designed for multimedia streaming in a home-network environment. By setting up Chromecast, you can stream videos onto a larger screen and control it from a mobile device such as a smart-phone, tablet or a laptop. We examined the network packets exchanged between the smaller remote control device and the Chromecast attached larger screen. While Chromecast encrypts most of the content, remote control device sends control packets to the remote servers in the clear-text, which makes it vulnerable to reply-attacks or session-hijacking attacks. Besides, data transmission pattern leak personal information outside of the home-network, raising privacy concerns. Network protocols used by Chromecast are investigated and known vulnerabilities are listed. A method to detect the existence of Chromecast behind a home-router is proposed.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
