Threats and Limitations of Terrestrial Broadcast Attacks
IEEE Transactions on Broadcasting 64(1) : 105-118 (2018)
Abstract
[EN] The DVB standard does not mandate the use of authentication and integrity protection for transport streams. This allows malicious third parties to replace legitimate broadcasts by overpowering terrestrial transmissions. The rogue signal can then deliver a malicious broadcast stream to exploit security vulnerabilities on Smart TVs (STV) in range. We implemented a proof-of-concept attack based on a malicious HbbTV app, able to acquire permanent system-level access to a STV over the air, in less than ten seconds. These attacks, however, are severely limited in range due to required co-channel protection ratios (CCPR), which is in direct contradiction to previous publications. We present evidence for these limitations in form of lab experiments, extensive simulations, and field measurements. To this end, we developed an automated, low-cost method for CCPR determination, as well as a method for non disruptive attack range measurements based on a gap filler and the resulting channel impulse response.