@inproceedings{e88c497081514accacf85f232ef25cec,
title = "Near Field Air-Gap Covert Channel Attack",
abstract = "Air-gapped systems are isolated from the Internet due to the sensitive information they handle.This paper presents a new covert channel attack that enables the leaking of sensitive information from highly isolated, air-gapped systems to nearby mobile phones. Malware running on an air-gapped computer can generate radio waves by executing crafted code on the target system. The malicious code exploits the dynamic power consumption of modern computers and manipulates the momentary loads on CPU cores. With this technique, malware can control the computer's internal utilization and generate low-frequency electromagnetic radiation in the 0-60 kHz band. Sensitive information (e.g., files, encryption keys, biometric data, and keylogging) can be modulated over the emanated signals and received by a nearby mobile phone at a max speed of 1000 bit/sec. We show that a standard smartphone with a simple antenna carried by a malicious insider or visitor can be used as a covert receiver. Finally, we present a set of countermeasures to this air-gap attack.",
keywords = "air-gap, covert channel, electromagnetic, exfiltration, leakage, network",
author = "Mordechai Guri",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022 ; Conference date: 09-12-2022 Through 11-12-2022",
year = "2022",
month = jan,
day = "1",
doi = "10.1109/TrustCom56396.2022.00074",
language = "English",
series = "Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022",
publisher = "Institute of Electrical and Electronics Engineers",
pages = "490--497",
booktitle = "Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022",
address = "United States",
}