UChicago CS NewsOct 30, 2023

UChicago CS Chair, Faculty, and Students Inducted Into Samsung Hall Of Fame For Identifying Vulnerability In SmartTVs

Researchers from the Department of Computer Science at the University of Chicago have created a side-channel attack that identifies how easily hackers could guess a user's passwords or credit card numbers by listening to the audio of a SmartTV. The work has been recognized by Samsung, and the group is now featured in the Samsung Hall of Fame for Smart TV, Audio, and Displays.

Hundreds of millions of people have embraced the digital age by connecting their homes to devices that use the Internet. Along with virtual helpers like Google Home and Amazon Alexa, a common household item is the SmartTV, which allows users to browse the Web, stream videos, and purchase products. Unfortunately the more access we give these devices, the more vulnerable our personal data becomes to hackers. Researchers from the University of Chicago’s Department of Computer Science have recently been recognized by Samsung for their work identifying unknown vulnerabilities in Smart TVs– earning them a spot in the Samsung Hall of Fame.

PhD student and lead researcher, Tejas Kannan

Led by PhD student Tejas Kannan, Department Chair Hank Hoffmann, Neubauer Professor Nick Feamster, PhD student Synthia Wang, alum Max Sunog, and high school student Abe Bueno de Mesquita all contributed to work that develops and demonstrates how the audio on Samsung and Apple TVs would allow an attacker to guess when a user is typing, the length of the entered information, and the number of cursor movements between selections. Kannan came up with the idea while attending a research talk on how attackers can discover user keystrokes by exploiting GPU performance counters on mobile devices.

“I was already familiar with keystroke side-channel attacks on standard mechanical keyboards,” said Kannan. “Once I realized that these side-channels also existed on mobile phones, I figured that newer devices, such as Smart TVs, would have similar vulnerabilities. After interacting with the Smart TVs in the lab, we realized that the TV’s audio can provide valuable information to someone with ill intent. We constructed a simple prototype attack and then slowly relaxed the prototype’s many assumptions to create the final practical result that works against TVs on the market today.”

The team submitted the work to Samsung’s Bug Bounty Program, which asks participants to identify bugs in their audio and visual displays in exchange for a monetary prize. The claims are then reviewed and tested by Samsung’s security experts, with the most impactful contributions being recognized in their Hall of Fame. The group is one of three who recently received the honor.

Samsung is currently the most popular platform for SmartTVs on the market. Certain SmartTVs, like the Samsung Tizen, have distinct sounds for different actions, like selecting a key or deleting a character. If an attacker gained access to the SmartTV through an external device, they could potentially gain access to a user’s passwords or credit card numbers by listening to the audio. To show how easily this could be done, the team presented a side-channel attack that was tested in both an emulated and realistic environment. When typing behaviors were optimal, the controlled attack was able to recover 99.95% of credit card numbers, 97.65% of full credit card details, and up to 99.10% of common passwords within 100 guesses. In a realistic scenario, they were able to find 33.33% of credit card details and 60.19% of passwords within 100 guesses.

“When Tejas first proposed the idea, I wasn’t sure it would work,” recalled Hoffmann. “Credit card numbers (and the additional info, like zip codes) are essentially random, so the idea that we could reliably guess them from just a few sounds seemed unlikely. But being able to recover all details in a third of the cases (even with user errors) was shocking. I will definitely mute my TV when I type sensitive information from now on.“

The work was also disclosed to Apple. They issued a response stating, “While we do not see any security implications, we have forwarded your report to the appropriate team to investigate as a potential enhancement request to take action.” Samsung is actively discussing a long-term fix.

Receiving the honor is especially exciting for high school student Abe Bueno de Mesquita. He has been working in Professor Hoffmann’s lab for the past two summers.

“It’s awesome to be inducted into the hall of fame, but mostly I’m thankful for the opportunity to work on this project,” said Bueno de Mesquita. “Being able to see what real academic research looks like and take part in it was super eye-opening and fun, even though seeing just how effective our attack was is a bit scary.”

The full paper detailing their work will be presented at the upcoming 2024 Network and Distributed System Security Symposium– one of the top security conferences.

Related News

More UChicago CS stories from this research area.
figure detailing how net diffusion works
UChicago CS News

AI-Powered Network Management: GATEAU Project Advances Synthetic Traffic Generation

Oct 29, 2025
girl with robot
UChicago CS News

Sebo Lab: Programming robots to better interact with humans

Oct 28, 2025
Inside the Lab icon
Video

Inside The Lab: How Can Robots Improve Our Lives?

Oct 27, 2025
headshot
UChicago CS News

UChicago CS Student Awarded NSF Graduate Research Fellowship

Oct 27, 2025
LLM graphic
UChicago CS News

Why Can’t Powerful LLMs Learn Multiplication?

Oct 27, 2025
headshot
UChicago CS News

Celebrating Excellence in Human-Computer Interaction: Yudai Tanaka Named 2025 Google North America PhD Fellow

Oct 23, 2025
best demo award acceptance
UChicago CS News

Shape n’ Swarm: Hands-On, Shape-Aware Generative Authoring for Swarm User Interfaces Wins Best Demo at UIST 2025

Oct 22, 2025
gas example
UChicago CS News

Redirecting Hands in Virtual Reality With Galvanic Vestibular Stimulation: UChicago Lab to Present First-of-Its-Kind Work at UIST 2025

Oct 13, 2025
prophet arena explanation
UChicago CS News

Breaking New Ground in Machine Learning and AI: New Platform Prophet Arena Redefines How We Evaluate AI’s Intelligence

Oct 13, 2025
Fred Chong accepting award
UChicago CS News

University of Chicago’s EPiQC Wins Prestigious IEEE Synergy Award for Quantum Computing Collaboration

Oct 06, 2025
UIST collage
UChicago CS News

UChicago CS Researchers Expand the Boundaries of Interface Technology at UIST 2025

Sep 26, 2025
Michael Franklin and Aaron Elmore holding award
UChicago CS News

Looking Back 20 Years: How an Academic Bet on Real-Time Data Finally Paid Off

Sep 22, 2025
arrow-down-largearrow-left-largearrow-right-large-greyarrow-right-large-yellowarrow-right-largearrow-right-smallbutton-arrowclosedocumentfacebookfacet-arrow-down-whitefacet-arrow-downPage 1CheckedCheckedicon-apple-t5backgroundLayer 1icon-google-t5icon-office365-t5icon-outlook-t5backgroundLayer 1icon-outlookcom-t5backgroundLayer 1icon-yahoo-t5backgroundLayer 1internal-yellowinternalintranetlinkedinlinkoutpauseplaypresentationsearch-bluesearchshareslider-arrow-nextslider-arrow-prevtwittervideoyoutube