Exfiltration of Data from Air-gapped Networks via Unmodulated LED Status Indicators
نویسندگان
چکیده
The light-emitting diode(LED) is widely used as an indicator on the information device. Early in 2002, Loughry et al studied the exfiltration of LED indicators[16] and found the kind of LEDs unmodulated to indicate some state of the device can hardly be utilized to establish covert channels. In our paper, a novel approach is proposed to modulate this kind of LEDs. We use binary frequency shift keying(B-FSK) to replace on-off keying(OOK) in modulation. In order to verify the validity, we implement a prototype of an exfiltration malware. Our experiment show a great improvement in the imperceptibility of covert communication. It is available to leak data covertly from air-gapped networks via unmodulated LED status indicators.
منابع مشابه
xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs
In this paper we show how attackers can covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via the row of status LEDs that exists in networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device ('side-channel'), ...
متن کاملData Exfiltration from Air-Gapped Computers based on ARM CPU
Air-gapped Network is a network isolated from public networks. Several techniques of data exfiltration from airgapped networks have been recently proposed. Air-gap malware is a malware that breaks the isolation of an air-gapped computer using air-gap covert channels, which extract information from air-gapped computers running on air-gap networks. Guri et al. presented an air-gap malware “GSMem”...
متن کاملIREXF: Data Exfiltration from Air-gapped Networks by Infrared Remote Control Signals
The technology on infrared remote control is widely applied in human daily life. It is also applied in the place with a top security level. Infrared remote control signal is regarded as a simple, safe and clean resource that can help us control the electrical appliances nearby. In this paper, we build IREXF, a novel infrared optical covert channel from a well-protected air-gapped network via a ...
متن کاملGSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies
Air-gapped networks are isolated, separated both logically and physically from public networks. Although the feasibility of invading such systems has been demonstrated in recent years, exfiltration of data from air-gapped networks is still a challenging task. In this paper we present GSMem, a malware that can exfiltrate data through an air-gap over cellular frequencies. Rogue software on an inf...
متن کاملLED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED
In this paper we present a method which allows attackers to covertly leak data from isolated, air-gapped computers. Our method utilizes the hard disk drive (HDD) activity LED which exists in most of today’s desktop PCs, laptops and servers. We show that a malware can indirectly control the HDD LED, turning it on and off rapidly (up to 5800 blinks per second) – a rate that exceeds the visual per...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1711.03235 شماره
صفحات -
تاریخ انتشار 2017