AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers

Mordechai Guri

Corpus ID: 229152889

AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers

@article{Guri2020AIRFIGC,
  title={AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers},
  author={Mordechai Guri},
  journal={ArXiv},
  year={2020},
  volume={abs/2012.06884}
}

Mordechai Guri
Published 2020
Computer Science
ArXiv

In this paper, we show that attackers can exfiltrate data from air-gapped computers via Wi-Fi signals. Malware in a compromised air-gapped computer can generate signals in the Wi-Fi frequency bands. The signals are generated through the memory buses - no special hardware is required. Sensitive data can be modulated and secretly exfiltrated on top of the signals. We show that nearby Wi-Fi capable devices (e.g., smartphones, laptops, IoT devices) can intercept these signals, decode them, and send… Expand

View PDF on arXiv

Figures and Tables from this paper

References

SHOWING 1-10 OF 55 REFERENCES

SORT BY

MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields

Mordechai Guri, Andrey Daidakulov, Y. Elovici
Computer Science
Future Gener. Comput. Syst.
2021

It is shown that attackers can leak data from isolated, air-gapped computers to nearby smartphones via covert magnetic signals, and the proposed covert channel works from a user-level process, without requiring special privileges, and can successfully operate from within an isolated virtual machine (VM). Expand

HOTSPOT: Crossing the Air-Gap Between Isolated PCs and Nearby Smartphones Using Temperature

Mordechai Guri
Computer Science
2019 European Intelligence and Security Informatics Conference (EISIC)
2019

The results show that it possible to send covert signals from air-gapped PCs to the attacker on the Internet through the thermal pings, and propose countermeasures for this type of covert channel which has thus far been overlooked. Expand

GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies

Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, Y. Elovici
Computer Science
USENIX Security Symposium
2015

GSMem, a malware that can exfiltrate data through an air-gap over cellular frequencies, is presented and its efficacy and feasibility are demonstrated, achieving an effective transmission distance of 1 - 5.5 meters with a standard mobile phone. Expand

USBee: Air-gap covert-channel via electromagnetic emission from USB

Mordechai Guri, Matan Monitz, Y. Elovici
Computer Science
2016 14th Annual Conference on Privacy, Security and Trust (PST)
2016

It is demonstrated how a software can intentionally generate controlled electromagnetic emissions from the data bus of a USB connector, and it is shown that the emitted RF signals can be controlled and modulated with arbitrary binary data. Expand

CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives

Mordechai Guri
Computer Science
2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)
2020

This paper presents CD-LEAK - a novel acoustic covert channel that works in constrained environments where loudspeakers are not available to the attacker, and develops a transmitter and receiver for PCs and smartphones. Expand

AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs

Mordechai Guri
Computer Science
ArXiv
2020

The results show that data can be exfiltrated from air-gapped computer to a nearby smartphone on the same table, or even an adjacent table, via vibrations, and a set of countermeasures are proposed for this new type of attack. Expand

xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs

Mordechai Guri, B. Zadov, Andrey Daidakulov, Y. Elovici
Computer Science
2018 16th Annual Conference on Privacy, Security and Trust (PST)
2018

It is shown how attackers can covertly leak sensitive data from air-gapped networks via the row of status LEDs on networking equipment such as LAN switches and routers through different modulation and encoding schemas, along with a transmission protocol. Expand

AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies

Mordechai Guri, Gabi Kedma, Assaf Kachlon, Y. Elovici
Computer Science
2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE)
2014

AirHopper is presented, a bifurcated malware that bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals and it is demonstrated how textual and binary data can be exfiltrated from physically isolated computer to mobile phones at a distance of 1-7 meters. Expand

Air-Gap Covert Channels

B. Carrara
Computer Science
2016

It is empirically demonstrated that using physically unmodified, commodity systems, covert-acoustic channels can be used to communicate at data rates of hundreds of bits per second, without being detected by humans in the environment, and data rates when nobody is around to hear the communication. Expand

On Acoustic Covert Channels Between Air-Gapped Systems

B. Carrara, C. Adams
Computer Science
FPS
2014

In this work, we study the ability for malware to leak sensitive information from an air-gapped high-security system to systems on a low-security network, using ultrasonic and audible audio covert… Expand

AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers

Figures and Tables from this paper

References

Related Papers