NDSS 2026 Showcase: When Physics Hacks Digital Security (Day 1)

The Network and Distributed System Security Symposium (NDSS), hosted by the Internet Society for over 30 years, is one of the premier venues for security research, and the 2026 program is nothing short of spectacular.

Over the next four days, I'll break down a curated selection of the most remarkable papers from this year's lineup of 265 accepted submissions in what I'm calling an NDSS 2026 Showcase. My goal is to bridge the gap between academic rigor and practical understanding—offering quick summaries accessible to a general audience without sacrificing the technical nuance security professionals need to understand threats.

We begin today with five papers in a theme I call "Mad Science Hacks." These papers bridge the physical and digital worlds, exploiting the laws of physics to compromise systems in ways that feel like science fiction:

1. Hiding an Ear in Plain Sight

Zhang et al. discover that the Internet cables running under our streets can be repurposed as microphones. While it might seem shocking that fiber cables can "hear," the technical breakthrough involves using existing telecom fiber as Distributed Acoustic Sensors (DAS). By detecting minute phase changes in light pulses caused by acoustic vibrations, the authors successfully recovered intelligible speech and environmental sounds from the vicinity of the cable without ever tapping the data stream itself. Read the paper here

2. XR Devices Send WiFi Packets When They Should Not

Vattheuer et al. reveal that your VR headset might be leaking your passwords through the wall. They identified a side channel in Extended Reality (XR) headsets through which encrypted Wi-Fi traffic patterns betray user actions. Using "non-cooperative" wireless sensing, they trained classifiers to map specific packet metadata (size, timing) back to user keystrokes and gestures, achieving high-accuracy inference from adjacent rooms despite encryption. Read the paper here

3. Unknown Target: In-Flight Attacks to Collision Avoidance

Longo et al. show how hackers can trick airplane safety systems into seeing "ghost planes." The researchers demonstrate that injecting spoofed RF messages can trigger the Traffic Alert and Collision Avoidance System (TCAS) logic. This forces pilots—or autopilots—to execute abrupt, dangerous evasion maneuvers (Resolution Advisories) to avoid colliding with phantom aircraft that do not actually exist. Read the paper here

4. PhantomMotion: Laser-Based Motion Injection

He et al. prove you can defeat smart security cameras with a laser pointer. By directing modulated lasers at the camera's image sensor, they successfully saturated specific pixels or induced rolling shutter distortions. This manipulation tricks the frame-difference algorithms used for motion detection, allowing an attacker to either generate false positives or mask real movement entirely. Read the paper here

5. PhantomMap: GPU-Assisted Kernel Exploitation

Hu et al. demonstrate that hackers can use your graphics card to break into the operating system's core. They developed a technique in which the GPU acts as a co-processor to exploit its massive parallelism and Direct Memory Access (DMA) to groom the kernel heap. This allows attackers to win race conditions and bypass CPU-centric OS defenses with significantly higher reliability and speed. Read the paper here

This is just a glimpse of the work being presented later this month in San Diego. The physical layer is getting noisier, and our defenses need to account for the hardware itself, not just the software running on it. You can find the full program at the NDSS website. Support open access security research by checking out the Internet Society.