{"title":"近场气隙隐蔽通道攻击","authors":"Mordechai Guri","doi":"10.1109/TrustCom56396.2022.00074","DOIUrl":null,"url":null,"abstract":"Air-gapped systems are isolated from the Internet due to the sensitive information they handle.This paper presents a new covert channel attack that enables the leaking of sensitive information from highly isolated, air-gapped systems to nearby mobile phones. Malware running on an air-gapped computer can generate radio waves by executing crafted code on the target system. The malicious code exploits the dynamic power consumption of modern computers and manipulates the momentary loads on CPU cores. With this technique, malware can control the computer's internal utilization and generate low-frequency electromagnetic radiation in the 0-60 kHz band. Sensitive information (e.g., files, encryption keys, biometric data, and keylogging) can be modulated over the emanated signals and received by a nearby mobile phone at a max speed of 1000 bit/sec. We show that a standard smartphone with a simple antenna carried by a malicious insider or visitor can be used as a covert receiver. Finally, we present a set of countermeasures to this air-gap attack.","PeriodicalId":276379,"journal":{"name":"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","volume":"138 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Near Field Air-Gap Covert Channel Attack\",\"authors\":\"Mordechai Guri\",\"doi\":\"10.1109/TrustCom56396.2022.00074\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Air-gapped systems are isolated from the Internet due to the sensitive information they handle.This paper presents a new covert channel attack that enables the leaking of sensitive information from highly isolated, air-gapped systems to nearby mobile phones. Malware running on an air-gapped computer can generate radio waves by executing crafted code on the target system. The malicious code exploits the dynamic power consumption of modern computers and manipulates the momentary loads on CPU cores. With this technique, malware can control the computer's internal utilization and generate low-frequency electromagnetic radiation in the 0-60 kHz band. Sensitive information (e.g., files, encryption keys, biometric data, and keylogging) can be modulated over the emanated signals and received by a nearby mobile phone at a max speed of 1000 bit/sec. We show that a standard smartphone with a simple antenna carried by a malicious insider or visitor can be used as a covert receiver. Finally, we present a set of countermeasures to this air-gap attack.\",\"PeriodicalId\":276379,\"journal\":{\"name\":\"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"volume\":\"138 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom56396.2022.00074\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom56396.2022.00074","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Air-gapped systems are isolated from the Internet due to the sensitive information they handle.This paper presents a new covert channel attack that enables the leaking of sensitive information from highly isolated, air-gapped systems to nearby mobile phones. Malware running on an air-gapped computer can generate radio waves by executing crafted code on the target system. The malicious code exploits the dynamic power consumption of modern computers and manipulates the momentary loads on CPU cores. With this technique, malware can control the computer's internal utilization and generate low-frequency electromagnetic radiation in the 0-60 kHz band. Sensitive information (e.g., files, encryption keys, biometric data, and keylogging) can be modulated over the emanated signals and received by a nearby mobile phone at a max speed of 1000 bit/sec. We show that a standard smartphone with a simple antenna carried by a malicious insider or visitor can be used as a covert receiver. Finally, we present a set of countermeasures to this air-gap attack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
