AIR-FI: Leaking Data From Air-Gapped Computers Using Wi-Fi Frequencies

Research output: Contribution to journalArticlepeer-review

3 Scopus citations

Abstract

This article presents a new attack allowing attackers to exfiltrate data from isolated, air-gapped computers via Wi-Fi frequencies. We show that malware in a compromised air-gapped computer can generate signals in the Wi-Fi frequency bands. The signals are generated through the memory buses - no special hardware is required. Sensitive data can be modulated and secretly exfiltrated on top of the signals. We show that nearby Wi-Fi-capable devices (e.g., smartphones, laptops, and IoT devices) can intercept these signals, decode them, and send them to the attacker over the Internet. We utilized the physical layer information exposed by the Wi-Fi chips to extract the signals. We further implemented the transmitter and receiver and discussed design considerations and implementation details. We evaluated this covert channel in terms of bandwidth and distance and presented a set of countermeasures. Our evaluation shows that data can be exfiltrated from air-gapped computers to nearby Wi-Fi receivers located meters away at bit rates of 16 bit/sec.

Original languageEnglish
Pages (from-to)2547-2564
Number of pages18
JournalIEEE Transactions on Dependable and Secure Computing
Volume20
Issue number3
DOIs
StatePublished - 1 May 2023

Keywords

  • Network-level security and protection
  • Wi-Fi
  • air-gap
  • covert channels
  • electromagnetic
  • exfiltration

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • General Computer Science

Fingerprint

Dive into the research topics of 'AIR-FI: Leaking Data From Air-Gapped Computers Using Wi-Fi Frequencies'. Together they form a unique fingerprint.

Cite this