Browse > Article
http://dx.doi.org/10.13089/JKIISC.2016.26.4.871

Building of Remote Control Attack System for 2.4 GHz Wireless Keyboard Using an Android Smart Phone  

Lee, Su-Jin (Kookmin University)
Park, Aesun (Kookmin University)
Sim, Bo-Yeon (Kookmin University)
Kim, Sang-su (LIGnex)
Oh, Seung-Sup (LIGnex)
Han, Dong-Guk (Kookmin University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.26, no.4, 2016 , pp. 871-883 More about this Journal
Abstract
It has been steadily increasing to use a wireless keyboard via Radio Frequency which is the input device. Especially, wireless keyboards that use 2.4 GHz frequency band are the most common items and their vulnerabilities have been reported since 2010. In this paper, we propose a 2.4 GHz wireless keyboard keystroke analysis and injection system based on the existing vulnerability researches of the Microsoft 2.4 GHz wireless keyboards. This system is possible to control on the remote. We also show that, via experiments using our proposed system, sensitive information of user can be revealed in the real world when using a 2.4 GHz wireless keyboard.
Keywords
2.4 GHz wireless keyboard Vulnerability; keystroke sniffing; keystroke injection; Electromagnetic;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 M, Fahnle and M, Hauff, "Analysis of unencrypted and encrypted wireless keyboard transmission implemented in GNU radio based software-defined radio," Hochschul Ulm, University of Applied Sciences Institute of Communication Technology, 2011
2 Ho-Yeon Kim, Bo-Yeon Sim, Aesun Park and Dong-Guk Han, "Analysis of 27MHz Wireless Keyboard Electromagnetic Signal Using USRP and GNU Radio," Journal of the Korea Institute of Information Security and Cryptology, 26(1), pp. 81-91, Feb. 2016.   DOI
3 T. Schroder and M. Moser, "KeyKeriki v2.0- 2.4 GHz", CanSecWest 2010, http://www.remote-exploit.org/articles/keykeriki_v2_0__8211_2_4ghz/, 2010.
4 S. Kamkar, "KeySweeper", http://samy.pl/keysweeper/, 2015.
5 Bastille, "MouseJack", https://www.bast ille.net/technical-details, 2016.
6 Travis Goodspeed, "Promiscuity is the nRF24L01+'s Duty", http://travisgoods peed.blogspot.kr/2011/02/promiscuity-i s-nrf24l01s-duty.html, 2011.
7 Semiconductor, Nordic. "nRF24L01 single chip 2.4 GHz transceiver product specification." http://www.nordicsemi.com/eng/Products/2.4GHz-RF/nRF24L01, 2007.