Abstract
Air-gapped computers are systems that are kept isolated from the Internet since they store or process sensitive information. In this paper, we introduce an optical covert channel in which an attacker can leak (or, exfiltlrate) sensitive information from air-gapped computers through manipulations on the screen brightness. This covert channel is invisible and it works even while the user is working on the computer. Malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys and passwords), and modulate it within the screen brightness, invisible to users. The small changes in the brightness are invisible to humans but can be recovered from video streams taken by cameras such as a local security camera, smartphone camera or a webcam. We present related work and discuss the technical and scientific background of this covert channel. We examined the channel's boundaries under various parameters, with different types of computer and TV screens, and at several distances. We also tested different types of camera receivers to demonstrate the covert channel. Lastly, we present relevant countermeasures to this type of attack.
Original language | English |
---|---|
Title of host publication | 12th CMI Conference on Cybersecurity and Privacy, CMI 2019 |
Publisher | Institute of Electrical and Electronics Engineers |
ISBN (Electronic) | 9781728128566 |
DOIs | |
State | Published - 1 Nov 2019 |
Event | 12th CMI Conference on Cybersecurity and Privacy, CMI 2019 - Copenhagen, Denmark Duration: 28 Nov 2019 → 29 Nov 2019 |
Conference
Conference | 12th CMI Conference on Cybersecurity and Privacy, CMI 2019 |
---|---|
Country/Territory | Denmark |
City | Copenhagen |
Period | 28/11/19 → 29/11/19 |
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
- Information Systems and Management