TY - GEN
T1 - LCD TEMPEST Air-Gap Attack Reloaded
AU - Guri, Mordechai
AU - Monitz, Matan
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2019/2/20
Y1 - 2019/2/20
N2 - In 1998, researcher showed how attackers can transmit data from computers through electromagnetic radio waves generated by the computer video card. 20 years later, we examine this type of threat in a context of modern cyber-Attacks. In this type of threat, attackers can covertly leak sensitive data from isolated ('air-gapped') computers using the electromagnetic emission from the video card. We present related work and give a brief technical background. We tested the TEMPEST attack with modern LCD screens and affordable user-defined-radio hardware available today for only 30. We implement a transmitter malware that can modulate binary data and transmit it over electromagnetic waves emitted from the video cable. We also implement a remote receiver, which demodulate and decode the transmission using GNU Radio. We present an analysis of the frequency range, effective distance and the bandwidth of this covert-channel. We found that malware can covertly leak data (e.g., encryption keys, keylogging data and documents) from air-gapped computers to a nearby RF receiver via the electromagnetic emission. The effective bitrate of this channel is 60 bit/sec to 640 bit/sec.
AB - In 1998, researcher showed how attackers can transmit data from computers through electromagnetic radio waves generated by the computer video card. 20 years later, we examine this type of threat in a context of modern cyber-Attacks. In this type of threat, attackers can covertly leak sensitive data from isolated ('air-gapped') computers using the electromagnetic emission from the video card. We present related work and give a brief technical background. We tested the TEMPEST attack with modern LCD screens and affordable user-defined-radio hardware available today for only 30. We implement a transmitter malware that can modulate binary data and transmit it over electromagnetic waves emitted from the video cable. We also implement a remote receiver, which demodulate and decode the transmission using GNU Radio. We present an analysis of the frequency range, effective distance and the bandwidth of this covert-channel. We found that malware can covertly leak data (e.g., encryption keys, keylogging data and documents) from air-gapped computers to a nearby RF receiver via the electromagnetic emission. The effective bitrate of this channel is 60 bit/sec to 640 bit/sec.
KW - aie-gap
KW - data-leak
KW - electromagentic
KW - exfiltration
KW - software-defined-radio (key words)
UR - http://www.scopus.com/inward/record.url?scp=85063150718&partnerID=8YFLogxK
U2 - 10.1109/ICSEE.2018.8646277
DO - 10.1109/ICSEE.2018.8646277
M3 - Conference contribution
AN - SCOPUS:85063150718
T3 - 2018 IEEE International Conference on the Science of Electrical Engineering in Israel, ICSEE 2018
BT - 2018 IEEE International Conference on the Science of Electrical Engineering in Israel, ICSEE 2018
PB - Institute of Electrical and Electronics Engineers
T2 - 2018 IEEE International Conference on the Science of Electrical Engineering in Israel, ICSEE 2018
Y2 - 12 December 2018 through 14 December 2018
ER -