Potential risk of IoT device supporting IR remote control

摘要

Infrared (IR) remote control technology is widely applied in daily human life. IR remote control signals are a simple, safe and reliable resource that can help to control nearby electrical appliances. With the development of Internet of things (IoT) technology, an increasing number of IoT devices supporting IR remote control access the Internet. In this paper, a malicious IR hardware module (MIRM) is made. The MIRM is implanted into a keyboard in an air-gapped network to control nearby IoT devices to leak sensitive data out. In our attack experiments on a smart TV set-top box, the rate of the covert channel can reach 3.15 bits's. The potential risk that IoT devices can be exploited maliciously to leak sensitive data is revealed. Finally, a list of countermeasures is presented to enhance security of IR remote control and eliminate such covert channels. (C) 2018 Elsevier B.V. All rights reserved.