Air hopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies

Mordechai Guri, Gabi Kedma, Assaf Kachlon, Yuval Elovici

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

90 Scopus citations

Abstract

Information is the most critical asset of modern organizations, and accordingly coveted by adversaries. When highly sensitive data is involved, an organization may resort to air-gap isolation, in which there is no networking connection between the inner network and the external world. While infiltrating an air-gapped network has been proven feasible in recent years (e.g., Stuxnet), data exfiltration from an air-gapped network is still considered to be one of the most challenging phases of an advanced cyber-attack. In this paper we present 'AirHopper', a bifurcated malware that bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals. While it is known that software can intentionally create radio emissions from a video display unit, this is the first time that mobile phones are considered in an attack model as the intended receivers of maliciously crafted radio signals. We examine the attack model and its limitations, and discuss implementation considerations such as stealth and modulation methods. Finally, we evaluate AirHopper and demonstrate how textual and binary data can be exfiltrated from physically isolated computer to mobile phones at a distance of 1-7 meters, with effective bandwidth of 13-60 Bps (Bytes per second).

Original languageEnglish
Title of host publicationProceedings of the 9th IEEE International Conference on Malicious and Unwanted Software, MALCON 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages58-67
Number of pages10
ISBN (Electronic)9781479973293
DOIs
StatePublished - 29 Dec 2014
Event9th IEEE International Conference on Malicious and Unwanted Software, MALCON 2014 - Fajardo, Puerto Rico
Duration: 28 Oct 201430 Oct 2014

Publication series

NameProceedings of the 9th IEEE International Conference on Malicious and Unwanted Software, MALCON 2014

Conference

Conference9th IEEE International Conference on Malicious and Unwanted Software, MALCON 2014
Country/TerritoryPuerto Rico
CityFajardo
Period28/10/1430/10/14

ASJC Scopus subject areas

  • Artificial Intelligence
  • Visual Arts and Performing Arts

Fingerprint

Dive into the research topics of 'Air hopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies'. Together they form a unique fingerprint.

Cite this