Near Field Air-Gap Covert Channel Attack

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

3 Scopus citations

Abstract

Air-gapped systems are isolated from the Internet due to the sensitive information they handle. This paper presents a new covert channel attack that enables the leaking of sensitive information from highly isolated, air-gapped systems to nearby mobile phones. Malware running on an air-gapped computer can generate radio waves by executing crafted code on the target system. The malicious code exploits the dynamic power consumption of modern computers and manipulates the momentary loads on CPU cores. With this technique, malware can control the computer's internal utilization and generate low-frequency electromagnetic radiation in the 0-60 kHz band. Sensitive information (e.g., files, encryption keys, biometric data, and keylogging) can be modulated over the emanated signals and received by a nearby mobile phone at a max speed of 1000 bit/sec. We show that a standard smartphone with a simple antenna carried by a malicious insider or visitor can be used as a covert receiver. Finally, we present a set of countermeasures to this air-gap attack.

Original language: English
Title of host publication: Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
Publisher: Institute of Electrical and Electronics Engineers
Pages: 490-497
Number of pages: 8
ISBN (Electronic): 9781665494250
State: Published - 1 Jan 2022
Event: 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022 - Virtual, Online, China
Duration: 9 Dec 2022 - 11 Dec 2022

Publication series

Name: Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022

Conference

Conference: 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
Country/Territory: China
City: Virtual, Online
Period: 9/12/22 - 11/12/22

Keywords

  • air-gap
  • covert channel
  • electromagnetic
  • exfiltration
  • leakage
  • network

ASJC Scopus subject areas

  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Health Informatics
  • Computer Networks and Communications
  • Information Systems
