Deep-Tempest: Using Deep Learning to Eavesdrop on HDMI
The paper "Deep-TEMPEST" explores eavesdropping on HDMI signals via deep learning, improving text recognition accuracy significantly. It offers an open-source solution and discusses countermeasures against such eavesdropping techniques.
Read original article
The paper titled "Deep-TEMPEST: Using Deep Learning to Eavesdrop on HDMI from its Unintended Electromagnetic Emanations" addresses the challenge of eavesdropping on digital video displays by analyzing electromagnetic waves emitted unintentionally from HDMI cables and connectors. This phenomenon, known as TEMPEST, is more complex in digital formats compared to analog formats like VGA due to the 10-bit encoding, which results in a larger bandwidth and a non-linear relationship between the observed signals and pixel intensities. The authors propose a solution that involves recasting the eavesdropping challenge as an inverse problem, utilizing deep learning to map the electromagnetic signals back to the displayed images. This method requires a thorough mathematical analysis to determine the appropriate frequency for tuning and to generate training samples without needing a real TEMPEST setup, thus saving time and resources. The system significantly improves the average Character Error Rate in text recognition by over 60 percentage points compared to previous implementations. It is based on widely available Software Defined Radio technology and is fully open-source, integrated into the GNU Radio framework. The authors also provide a dataset for training, which includes both simulated data and over 1,000 real captures. Additionally, the paper discusses potential countermeasures to mitigate the risks associated with eavesdropping using similar techniques. The work was submitted for consideration at the LADC '24 conference.
Related
Hacking eInk Price Tags (2021)
Hackers repurpose eInk electronic shelf labels (ESLs) into photo frames or status displays by customizing firmware. Detailed exploration of hacking challenges, including Marvell chip analysis, bootloader functions, memory storage, communication protocols, and debugging methods.
TERI, almost IRL Blade Runner movie image enhancement tool
Researchers at the University of South Florida introduce TERI, an image processing algorithm inspired by Blade Runner, reconstructing hidden objects in photos using shadows. Potential applications in self-driving vehicles and robotics.
Electra: Pre-Training Text Encoders as Discriminators Rather Than Generators
The paper introduces ELECTRA, a text encoder pre-training method using replaced token detection instead of masked language modeling like BERT. ELECTRA outperforms BERT in contextual representation learning, especially for small models, with superior efficiency and effectiveness.
OpenCV and the Wild Kingdom
The author used a thermal camera and OpenCV for motion detection, initially aiming at the sky but later focusing on security. Python's speed issues led to transitioning to C++. Identified culprits stealing cat food prompted adjustments for security.
Hackers can wirelessly watch your screen via HDMI radiation
Researchers in Uruguay developed "Deep-TEMPEST," a technique using AI to wirelessly intercept HDMI video signals via electromagnetic radiation, raising security concerns for sensitive data protection against potential espionage.
8 commentsSecond, the paper was written (and tech implemented) by people with significant signals experience - quite a lot of thought went into the design, and a CNN (the part they trained) is just one component of the stack - for instance, they run the output image through Tesseract at the end to do character recognition. I’m not sure how they manage gradient descent end to end, although they talk about it in the paper.
So, this is a practitioner’s paper, using some modern techniques for ‘the hard bit’ -> taking radio waves and turning them into an image.
I’d be really interested in seeing someone do this again ‘the dumb way’ by just creating a full end to end autodifferentiable stack and running it for longer. I’m sure it would take more training time, but the number of people in the world who could have come up with this idea and done the implementation is small, probably in the single digit thousands.
Using, e.g. Sonnet 3.5 or Lllama 3.1 to be like ‘design and implement an autodifferentiable tempest attacker for me’, and seeing where results are right now is the sort of benchmark that I think matters a lot to track progress on the ‘leverage’ part of AI — basically can tech like this be delivered to, e.g. 1 million people worldwide, rather than thousands, with the help of a large model?
Anyway, very cool.
Finally, I’ll point out the two mitigations they mention don’t seem likely to be successful to me: they suggest adding Gaussian noise to the signal, or adding more gradients in colors for images. The second is not going to happen, except in very high security environments. I don’t believe the first is resistant to extra network training against the mitigation.
I came across this paper 'Eye of Sauron: Long-Range Hidden Spy Camera Detection and Positioning with Inbuilt Memory EM Radiation' recently, which I thought was extremely clever too.
(https://www.usenix.org/system/files/sec24fall-prepub-357-zha...)
https://www.windytan.com/2023/02/using-hdmi-radio-interferen...
How well DPCP and HDCP work against these attacks?
Related
Hacking eInk Price Tags (2021)
Hackers repurpose eInk electronic shelf labels (ESLs) into photo frames or status displays by customizing firmware. Detailed exploration of hacking challenges, including Marvell chip analysis, bootloader functions, memory storage, communication protocols, and debugging methods.
TERI, almost IRL Blade Runner movie image enhancement tool
Researchers at the University of South Florida introduce TERI, an image processing algorithm inspired by Blade Runner, reconstructing hidden objects in photos using shadows. Potential applications in self-driving vehicles and robotics.
Electra: Pre-Training Text Encoders as Discriminators Rather Than Generators
The paper introduces ELECTRA, a text encoder pre-training method using replaced token detection instead of masked language modeling like BERT. ELECTRA outperforms BERT in contextual representation learning, especially for small models, with superior efficiency and effectiveness.
OpenCV and the Wild Kingdom
The author used a thermal camera and OpenCV for motion detection, initially aiming at the sky but later focusing on security. Python's speed issues led to transitioning to C++. Identified culprits stealing cat food prompted adjustments for security.
Hackers can wirelessly watch your screen via HDMI radiation
Researchers in Uruguay developed "Deep-TEMPEST," a technique using AI to wirelessly intercept HDMI video signals via electromagnetic radiation, raising security concerns for sensitive data protection against potential espionage.