TY - GEN
T1 - GAIROSCOPE
T2 - 18th International Conference on Privacy, Security and Trust, PST 2021
AU - Guri, Mordechai
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - It is known that malware can leak data from isolated, air-gapped computers to nearby smartphones using ultrasonic waves. However, this covert channel requires access to the smartphone's microphone, which is highly protected in Android OS and iOS, and might be non-accessible, disabled, or blocked. In this paper we present 'GAIROSCOPE, ' an ultrasonic covert channel that doesn't require a microphone on the receiving side. Our malware generates ultrasonic tones in the resonance frequencies of the MEMS gyroscope. These inaudible frequencies produce tiny mechanical oscillations within the smartphone's gyroscope, which can be demodulated into binary information. Notably, the gyroscope in smartphones is considered to be a 'safe' sensor that can be used freely from mobile apps and javascript. We introduce the adversarial attack model and present related work. We provide the relevant technical background and show the design and implementation of GAIROSCOPE. We present the evaluation results and discuss a set of countermeasures to this threat. Our experiments show that attackers can exfiltrate sensitive information from air-gapped computers to a smartphone located a few meters away via Speakers-to-Gyroscope covert channel.
AB - It is known that malware can leak data from isolated, air-gapped computers to nearby smartphones using ultrasonic waves. However, this covert channel requires access to the smartphone's microphone, which is highly protected in Android OS and iOS, and might be non-accessible, disabled, or blocked. In this paper we present 'GAIROSCOPE, ' an ultrasonic covert channel that doesn't require a microphone on the receiving side. Our malware generates ultrasonic tones in the resonance frequencies of the MEMS gyroscope. These inaudible frequencies produce tiny mechanical oscillations within the smartphone's gyroscope, which can be demodulated into binary information. Notably, the gyroscope in smartphones is considered to be a 'safe' sensor that can be used freely from mobile apps and javascript. We introduce the adversarial attack model and present related work. We provide the relevant technical background and show the design and implementation of GAIROSCOPE. We present the evaluation results and discuss a set of countermeasures to this threat. Our experiments show that attackers can exfiltrate sensitive information from air-gapped computers to a smartphone located a few meters away via Speakers-to-Gyroscope covert channel.
UR - https://www.scopus.com/pages/publications/85124098189
U2 - 10.1109/PST52912.2021.9647842
DO - 10.1109/PST52912.2021.9647842
M3 - Conference contribution
AN - SCOPUS:85124098189
T3 - 2021 18th International Conference on Privacy, Security and Trust, PST 2021
BT - 2021 18th International Conference on Privacy, Security and Trust, PST 2021
PB - Institute of Electrical and Electronics Engineers
Y2 - 13 December 2021 through 15 December 2021
ER -