{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,16]],"date-time":"2025-09-16T18:18:39Z","timestamp":1758046719509,"version":"3.44.0"},"reference-count":37,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,9,13]],"date-time":"2025-09-13T00:00:00Z","timestamp":1757721600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,9,13]],"date-time":"2025-09-13T00:00:00Z","timestamp":1757721600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100007129","name":"Natural Science Foundation of Shandong Province","doi-asserted-by":"publisher","award":["ZR2023MF043"],"award-info":[{"award-number":["ZR2023MF043"]}],"id":[{"id":"10.13039\/501100007129","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100010029","name":"Taishan Scholar Foundation of Shandong Province","doi-asserted-by":"publisher","award":["tsqn202211001"],"award-info":[{"award-number":["tsqn202211001"]}],"id":[{"id":"10.13039\/501100010029","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>To facilitate collaboration across multiple devices and benefit from larger screens and better user experiences, many users choose to mirror their screen content of smartphones to personal computers. The implementation of the Android screen mirroring feature varies across different manufacturers, resulting in significant security differences among screen mirroring apps. Moreover, actual incidents of screen content leakage have exacerbated users\u2019 concerns about the security of the Android screen mirroring feature. In this work, we systematically analyzed the system architecture of the Android screen mirroring feature and the security risks it faces. Specifically, we identified four critical security risks in the communication process between the mobile and PC sides of screen mirroring apps, including arbitrary access to screen content, MITM (Man-in-the-Middle) attacks, malicious commands injection, and data sniffing attacks. Attackers can exploit these identified security risks to arbitrarily access screen content or manipulate user\u2019s phone to perform malicious operations. To evaluate the security risks of the Android mirroring feature in real-world deployments, we conducted a security evaluation on over 20 popular screen mirroring apps from multiple sources. The results indicate that all of these apps are facing at least one of the aforementioned security risks. Finally, we provide the corresponding recommendations to mitigate the identified security risks.<\/jats:p>","DOI":"10.1186\/s42400-025-00363-8","type":"journal-article","created":{"date-parts":[[2025,9,13]],"date-time":"2025-09-13T01:01:53Z","timestamp":1757725313000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Understanding security risks in mobile-to-PC screen mirroring: an empirical study"],"prefix":"10.1186","volume":"8","author":[{"given":"Zhaoyu","family":"Qiu","sequence":"first","affiliation":[]},{"given":"Shishuai","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Yifan","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Yujia","family":"Luo","sequence":"additional","affiliation":[]},{"given":"Wenrui","family":"Diao","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,9,13]]},"reference":[{"key":"363_CR1","unstructured":"Advanced Video Coding. 2024. https:\/\/www.itu.int\/ITU-T\/recommendations\/rec.aspx?rec=14659. Accessed 8 May 2024"},{"key":"363_CR2","doi-asserted-by":"crossref","unstructured":"Alrawi O, Lever C, Antonakakis M, Monrose F (2019) SoK: Security Evaluation of Home-Based IoT Deployments. In: Proceedings of the 40th IEEE Symposium on Security and Privacy (IEEE S &P), San Francisco, CA, USA, May 19-23, 2019","DOI":"10.1109\/SP.2019.00013"},{"key":"363_CR3","unstructured":"Create Your Own Accessibility Service. 2024. https:\/\/developer.android.com\/guide\/topics\/ui\/accessibility\/service. Accessed 4 May 2024"},{"key":"363_CR4","unstructured":"Cui A, Costello M, Stolfo S (2013) When Firmware Modifications Attack: A Case Study of Embedded Exploitation. In: Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 24-27, 2013"},{"key":"363_CR5","unstructured":"Don\u2019t Become the Victim of Screen Sharing Scams. 2024. https:\/\/www.uccu.com\/security-alert-screen-sharing-fraud\/. Accessed 29 May 2024"},{"key":"363_CR6","unstructured":"Elsabagh M, Johnson R, Stavrou A, Zuo C, Zhao Q, Lin Z (2020) FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware. In: Proceedings of the 29th USENIX Security Symposium (USENIX Security), Boston, MA, USA, August 12-14, 2020"},{"key":"363_CR7","doi-asserted-by":"crossref","unstructured":"Feal \u00c1, Calciati P, Vallina-Rodriguez N, Troncoso C, Gorla A (2020) Angel or devil? a privacy study of mobile parental control apps. In: 20th Proceedings on Privacy Enhancing Technologies (PoPETs), Montreal, Canada, July 15-19, 2020","DOI":"10.2478\/popets-2020-0029"},{"key":"363_CR8","doi-asserted-by":"crossref","unstructured":"Fernandes E, Jung J, Prakash A (2016) Security Analysis of Emerging Smart Home Applications. In: Proceedings of the 37th IEEE Symposium on Security and Privacy (IEEE S &P), San Jose, CA, USA, May 22-26, 2016","DOI":"10.1109\/SP.2016.44"},{"key":"363_CR9","unstructured":"Frida. 2024. https:\/\/frida.re\/. Accessed 6 May 2024"},{"key":"363_CR10","doi-asserted-by":"crossref","unstructured":"Gamba J, Rashed M, Razaghpanah A, Tapiador J, Vallina-Rodriguez N (2020) An Analysis of Pre-installed Android Software. In: Proceedings of the 41st IEEE Symposium on Security and Privacy (IEEE S &P), San Francisco, CA, USA, May 18-21, 2020","DOI":"10.1109\/SP40000.2020.00013"},{"key":"363_CR11","unstructured":"High Efficiency Video Coding. 2024. https:\/\/www.itu.int\/ITU-T\/recommendations\/rec.aspx?rec=15647. Accessed 8 May 2024"},{"key":"363_CR12","unstructured":"JADX. 2024. https:\/\/github.com\/skylot\/jadx. Accessed 6 May 2024"},{"key":"363_CR13","doi-asserted-by":"crossref","unstructured":"Lee Y, Li T, Zhang N, Demetriou S, Zha M, Wang X, Chen K, Zhou X, Han X, Grace M (2017) Ghost Installer in the Shadow: Security Analysis of App Installation on Android. In: Proceedings of the 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), Denver, CO, USA, June 26-29, 2017","DOI":"10.1109\/DSN.2017.33"},{"key":"363_CR14","doi-asserted-by":"crossref","unstructured":"Li R, Diao W, Li Z, Du J, Guo S (2021) Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings. In: Proceedings of the 42nd IEEE Symposium on Security and Privacy (IEEE S &P), San Francisco, CA, USA, May 24-27, 2021","DOI":"10.1109\/SP40001.2021.00070"},{"key":"363_CR15","unstructured":"Media Projection. 2024. https:\/\/developer.android.com\/media\/grow\/media-projection. Accessed 4 May 2024"},{"key":"363_CR36","unstructured":"mitmproxy. 2024. https:\/\/github.com\/mitmproxy\/mitmproxy. Accessed 6 May 2024"},{"key":"363_CR16","unstructured":"Mobile Operating System Market Share Worldwide. 2024. https:\/\/gs.statcounter.com\/os-market-share\/mobile\/worldwide. Accessed 26 April 2024"},{"key":"363_CR17","unstructured":"Moon D, Lee JD, Jeong Y-S, Park JH (2016) RTNSS: A Routing Trace-based Network Security System for Preventing ARP Spoofing Attacks. The Journal of Supercomputing"},{"key":"363_CR18","unstructured":"Nan Y, Wang X, Xing L, Liao X, Wu R, Wu J, Zhang Y, Wang X (2023) Are you spying on me? large-scale analysis on iot data exposure through companion apps. In: Proceedings of the 32nd USENIX Security Symposium (USENIX Security), Anaheim, CA, USA, August 9-11, 2023"},{"key":"363_CR19","unstructured":"Restricted Screen Reading. 2024. https:\/\/source.android.com\/docs\/core\/permissions\/restricted-screen-reading. Accessed 26 April 2024"},{"key":"363_CR20","unstructured":"Scrcpy. 2024. https:\/\/github.com\/Genymobile\/scrcpy. Accessed 4 May 2024"},{"key":"363_CR21","unstructured":"Scrcpy - Best Android Screen Mirroring App. 2024. https:\/\/scrcpy.app\/. Accessed 4 May 2024"},{"key":"363_CR22","unstructured":"ScreenStream. 2024. https:\/\/github.com\/dkrivoruchko\/ScreenStream. Accessed 4 May 2024"},{"key":"363_CR23","unstructured":"TCPDUMP & LIBPCAP. 2024. https:\/\/www.tcpdump.org\/. Accessed 6 May 2024"},{"key":"363_CR24","doi-asserted-by":"crossref","unstructured":"Tekeoglu A, Tosun A.\u015e (2015) A Closer Look into Privacy and Security of Chromecast Multimedia Cloud Communications. In: Proceedings of the 34th IEEE Conference on Computer Communications Workshops (INFOCOM Workshops), Hong Kong, China, April 26 - May 1, 2015","DOI":"10.1109\/INFCOMW.2015.7179371"},{"key":"363_CR25","doi-asserted-by":"crossref","unstructured":"Tian Y, Liu YC, Bhosale A, Huang LS, Tague P, Jackson C (2014) All Your Screens are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API. In: Proceedings of the 35th IEEE Symposium on Security and Privacy (IEEE S &P), San Francisco, CA, USA, May 18-21, 2020","DOI":"10.1109\/SP.2014.10"},{"key":"363_CR26","doi-asserted-by":"crossref","unstructured":"Tian G, Chen J, Yan K, Yang S, Diao W (2022) Cast Away: On the Security of DLNA Deployments in the SmartTV Ecosystem. In: Proceedings of the 22nd International Conference on Software Quality, Reliability and Security (QRS), Guangzhou, China, December 5-9, 2022","DOI":"10.1109\/QRS57517.2022.00021"},{"key":"363_CR37","unstructured":"vivoSRC. 2024. https:\/\/security.vivo.com.cn\/#\/home. Accessed 6 May 2024"},{"key":"363_CR27","doi-asserted-by":"crossref","unstructured":"Wang L, Liu X, Lei T, Song W, Guo S, Ren P (2024) Security research for android remote assistance apps. In: 29th Australasian Conference on Information Security and Privacy (ACISP), Sydney, NSW, Australia, July 15-17, 2024","DOI":"10.1007\/978-981-97-5101-3_14"},{"key":"363_CR28","unstructured":"Wang X, Sun Y, Nanda S, Wang X (2019) Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps. In: Proceedings of the 28th USENIX Security Symposium (USENIX Security), Santa Clara, CA, USA, August 14-16, 2019"},{"key":"363_CR29","unstructured":"Wireshark. 2024. https:\/\/www.wireshark.org\/. Accessed 6 May 2024"},{"key":"363_CR30","doi-asserted-by":"crossref","unstructured":"Wu L, Grace M, Zhou Y, Wu C, Jiang X (2013) The Impact of Vendor Customizations on Android Security. In: Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS), Berlin, Germany, November 4-8, 2013","DOI":"10.1145\/2508859.2516728"},{"key":"363_CR31","doi-asserted-by":"crossref","unstructured":"Yang S, Li R, Chen J, Diao W, Guo S (2022) Demystifying Android Non-SDK APIs: Measurement and Understanding. In: Proceedings of the 44th IEEE\/ACM International Conference on Software Engineering (ICSE), Pittsburgh, PA, USA, May 21-29, 2022","DOI":"10.1145\/3510003.3510045"},{"key":"363_CR32","unstructured":"Zeroconf. 2024. https:\/\/pypi.org\/project\/zeroconf\/. Accessed 8 May 2024"},{"key":"363_CR33","doi-asserted-by":"crossref","unstructured":"Zhang Y, Ma S, Chen T, Li J, Deng RH, Bertino E (2023) EvilScreen Attack: Smart TV Hijacking via Multi-channel Remote Control Mimicry. IEEE Transactions on Dependable and Secure Computing (TDSC)","DOI":"10.1109\/TDSC.2023.3286182"},{"key":"363_CR34","doi-asserted-by":"crossref","unstructured":"Zhang W, Meng Y, Liu Y, Zhang X, Zhang Y, Zhu H (2018) HoMonit: Monitoring Smart Home Apps from Encrypted Traffic. In: Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security (CCS), Toronto, ON, Canada, October 15-19, 2018","DOI":"10.1145\/3243734.3243820"},{"key":"363_CR35","doi-asserted-by":"crossref","unstructured":"Zheng M, Sun M, Lui JCS (2014) DroidRay: A Security Evaluation System for Customized Android Firmwares. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (Asia CCS), Kyoto, Japan, June 3-6, 2014","DOI":"10.1145\/2590296.2590313"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00363-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00363-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00363-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,13]],"date-time":"2025-09-13T01:02:18Z","timestamp":1757725338000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-025-00363-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,13]]},"references-count":37,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["363"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00363-8","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,9,13]]},"assertion":[{"value":"3 August 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 January 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 September 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declared that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"68"}}