Abstract
This article presents a new attack allowing attackers to exfiltrate data from isolated, air-gapped computers via Wi-Fi frequencies. We show that malware in a compromised air-gapped computer can generate signals in the Wi-Fi frequency bands. The signals are generated through the memory buses - no special hardware is required. Sensitive data can be modulated and secretly exfiltrated on top of the signals. We show that nearby Wi-Fi-capable devices (e.g., smartphones, laptops, and IoT devices) can intercept these signals, decode them, and send them to the attacker over the Internet. We utilized the physical layer information exposed by the Wi-Fi chips to extract the signals. We further implemented the transmitter and receiver and discussed design considerations and implementation details. We evaluated this covert channel in terms of bandwidth and distance and presented a set of countermeasures. Our evaluation shows that data can be exfiltrated from air-gapped computers to nearby Wi-Fi receivers located meters away at bit rates of 16 bit/sec.
| Original language | English |
|---|---|
| Pages (from-to) | 2547-2564 |
| Number of pages | 18 |
| Journal | IEEE Transactions on Dependable and Secure Computing |
| Volume | 20 |
| Issue number | 3 |
| DOIs | |
| State | Published - 1 May 2023 |
Keywords
- Network-level security and protection
- Wi-Fi
- air-gap
- covert channels
- electromagnetic
- exfiltration
ASJC Scopus subject areas
- General Computer Science
- Electrical and Electronic Engineering