Optical air-gap exfiltration attack via invisible images

Research output: Contribution to journalArticlepeer-review

8 Scopus citations


In this paper, we evaluate an optical covert channel in which sensitive information (textual or binary) is exfiltrated from air-gapped computers through the LCD screen. Our experiments show that low contrast and fast blinking images which are invisible to human subjects, can be recovered from photos taken by a local camera. Consequentially, we show that malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys, passwords), and project it onto a computer LCD screen, invisible and unbeknownst to users. An attacker can reconstruct the hidden data using a photo taken by a local camera. In order to demonstrate the feasibility of this type of attack and evaluate the channel's stealth, we conducted a battery of tests with 40 users. We also examined the channel's boundaries under various parameters, with different types of encoded objects, at several distances, and using several kinds of cameras.

Original languageEnglish
Pages (from-to)222-230
Number of pages9
JournalJournal of Information Security and Applications
StatePublished - 1 Jun 2019


  • Air-gap
  • Covert-channel
  • Optical

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Optical air-gap exfiltration attack via invisible images'. Together they form a unique fingerprint.

Cite this