Abstract
A billion households worldwide receive digital television, employing broadcast standards such as Digital Video Broadcasting (DVB). Interactive applications can be signaled and transported using the widely deployed Hybrid Broadcast Broadband Television (HbbTV) standard. The DVB and HbbTV standards, however, lack mandatory authentication and integrity mechanisms for the transmitted data. This allows a remote attacker to replace legitimate broadcasts by overpowering the regular radio signal. The attacker-controlled signal can then deliver, e.g., a malicious HbbTV application, which in turn can be used to exploit local security vulnerabilities on Smart TVs (STV) in range. To the best of our knowledge, this work is the first to practically demonstrate that modern STVs can be compromised remotely by malware transmitted over-the-air using DVB systems. A proof-of-concept and several experiments are developed to assess important real-world properties of DVB-assisted attacks. New results on the reach of such an attack and its detectability are presented, which are used to propose an efficient protection scheme to secure existing and future HbbTV-enabled receivers.
Notes
1. \(90^\circ\) phase difference
2. A symbol rate of 27.5 MS/s gives a symbol duration of \(36.\overline{36}\) ns, thus a symbol length of 10 m.
3. via the simple_application_boundary_descriptor
4. dvb://original_network_id.transport_stream_id.service_id.component_tag
5. This might apply to some cable installations, too.
Copyright information
© 2015 The Author(s)
About this chapter
Cite this chapter
Michéle, B. (2015). Broadcast. In: Smart TV Security. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-20994-4_3
DOI: https://doi.org/10.1007/978-3-319-20994-4_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-20993-7
Online ISBN: 978-3-319-20994-4
eBook Packages: Computer Science (R0)