Computer Science > Cryptography and Security
[Submitted on 13 Apr 2020]
Title:AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs
View PDFAbstract:Air-gap covert channels are special types of covert communication channels that enable attackers to exfiltrate data from isolated, network-less computers. Various types of air-gap covert channels have been demonstrated over the years, including electromagnetic, magnetic, acoustic, optical, and thermal.
In this paper, we introduce a new type of vibrational (seismic) covert channel. We observe that computers vibrate at a frequency correlated to the rotation speed of their internal fans. These inaudible vibrations affect the entire structure on which the computer is placed. Our method is based on malware's capability of controlling the vibrations generated by a computer, by regulating its internal fan speeds. We show that the malware-generated covert vibrations can be sensed by nearby smartphones via the integrated, sensitive \textit{accelerometers}. Notably, the accelerometer sensors in smartphones can be accessed by any app without requiring the user permissions, which make this attack highly evasive. We implemented AiR-ViBeR, malware that encodes binary information, and modulate it over a low frequency vibrational carrier. The data is then decoded by malicious application on a smartphone placed on the same surface (e.g., on a desk). We discuss the attack model, provide technical background, and present the implementation details and evaluation results. Our results show that using AiR-ViBeR, data can be exfiltrated from air-gapped computer to a nearby smartphone on the same table, or even an adjacent table, via vibrations. Finally, we propose a set of countermeasures for this new type of attack.
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.