Implementation and Evaluation of Novel Juice Jacking Attacks
Juice jacking refers to a family of attacks on mobile devices in which a manipulated charging cable is used to extract data or install malware. Users are particularly vulnerable to this type of attack wherever existing infrastructure is used instead of a personal charger, for example in the form of charging stations at airports. After the introduction of user confirmation dialogs or comparable interaction mechanisms for USB connections used for data transfer, juice jacking attacks were largely considered obsolete and were no longer pursued by the research community.
Within the scope of this project, the effectiveness of user interaction as a countermeasure against juice-jacking attacks on mobile devices from the most popular manufacturers was evaluated. To this end, methods were investigated and implemented that allow an attacker to bypass the required interaction and thus extract data even from current devices.
Downloads
| File | Description | File size |
|---|---|---|
Project Report (DE)
|
|
938 KB |