AIR-FI: Leaking Data from Air-Gapped Computers Using Wi-Fi Frequencies

Research output: Contribution to journalArticlepeer-review

Abstract

This paper presents a new attack allowing attackers to exfiltrate data from isolated, air-gapped computers via Wi-Fi frequencies. We show that malware in a compromised air-gapped computer can generate signals in the Wi-Fi frequency bands. The signals are generated through the memory buses - no special hardware is required. Sensitive data can be modulated and secretly exfiltrated on top of the signals. We show that nearby Wi-Fi-capable devices (e.g., smartphones, laptops, and IoT devices) can intercept these signals, decode them, and send them to the attacker over the Internet. We utilized the physical layer information exposed by the Wi-Fi chips to extract the signals. We further implemented the transmitter and receiver and discussed design considerations and implementation details. We evaluated this covert channel in terms of bandwidth and distance and presented a set of countermeasures. Our evaluation shows that data can be exfiltrated from air-gapped computers to nearby Wi-Fi receivers located meters away at bit rates of 16 b/sec.

Original languageEnglish
Pages (from-to)1-18
Number of pages18
JournalIEEE Transactions on Dependable and Secure Computing
DOIs
StateAccepted/In press - 1 Jan 2022

Keywords

  • Air gaps
  • Computers
  • Hardware
  • Network-level security and protection
  • Receivers
  • Smart phones
  • Universal Serial Bus
  • Wi-Fi
  • Wireless fidelity
  • air-gap
  • covert channels
  • exfiltration

ASJC Scopus subject areas

  • Computer Science (all)
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'AIR-FI: Leaking Data from Air-Gapped Computers Using Wi-Fi Frequencies'. Together they form a unique fingerprint.

Cite this