airgap
Air-Gap Research Page
By Dr. Mordechai Guri
Cyber-Security Research Center
Ben-Gurion University of the Negev, Israel
email: gurim@post.bgu.ac.il (linkedin)
WIRED: https://www.wired.com/story/air-gap-researcher-mordechai-guri/
***
This page is dedicated to air-gap jumping research
Air-Gap Covert Channels
(below you can find links to papers and videos)
COVID-bit: Keep a Distance of (at least) 2m From My Air-Gap Computer!
Mordechai Guri
Demo video: https://youtu.be/96eMLEIA57Q
Paper: http://arxiv.org/abs/2212.03520
GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes
Mordechai Guri
Demo video: https://youtu.be/5sUQ0jG01dw
Paper: http://arxiv.org/abs/2208.09764
Paper: https://ieeexplore.ieee.org/document/9647842
LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables
Mordechai Guri
2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC)
Demo video: https://youtu.be/-X2Mb5HWE44
Paper: http://arxiv.org/abs/2110.00104
Paper: https://ieeexplore.ieee.org/document/9529607
SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables
Mordechai Guri
2022 19th Annual International Conference on Privacy, Security & Trust (PST)
Demo video: https://www.youtube.com/watch?v=rlmP-csuFIo
Paper: http://arxiv.org/abs/2207.07413
Paper: https://ieeexplore.ieee.org/document/9851978
ETHERLED: Sending Covert Morse Signals from Air-Gapped Devices via Network Card (NIC) LEDs
2022 IEEE International Conference on Cyber Security and Resilience (CSR)
Mordechai Guri
Demo video: https://www.youtube.com/watch?v=acYAPMr_JZg
Paper: https://arxiv.org/abs/2208.09975
Paper: https://ieeexplore.ieee.org/document/9850284
AIR-GAP APT (USB-Borne)
USBCulprit: USB-borne Air-Gap Malware
EICC: European Interdisciplinary Cybersecurity Conference, November 2021
Paper: https://dl.acm.org/doi/abs/10.1145/3487405.3487412
AIR-FI: Leaking Data from Air-Gapped Computers Using Wi-Fi Frequencies
M. Guri, "AIR-FI: Leaking Data from Air-Gapped Computers Using Wi-Fi Frequencies," in IEEE Transactions on Dependable and Secure Computing, 2022, doi: 10.1109/TDSC.2022.3186627.
Paper: https://ieeexplore.ieee.org/document/9808153
Demo video: https://www.youtube.com/watch?v=vhNnc0ln63c
DOI: 10.1109/TDSC.2022.3186627
Air-Fi: Generating Covert Wi-Fi Signals from Air-Gapped Computers
Mordechai Guri
Paper: https://arxiv.org/abs/2012.06884
Demo video: https://www.youtube.com/watch?v=vhNnc0ln63c
POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers
M. Guri, "POWER-SUPPLaY: Leaking Sensitive Data from Air-Gapped, Audio-Gapped Systems by Turning the Power Supplies into Speakers," in IEEE Transactions on Dependable and Secure Computing, doi: 10.1109/TDSC.2021.3133406.
Paper: https://ieeexplore.ieee.org/document/9640597
Paper: https://arxiv.org/abs/2005.00395
Demo video 1: https://www.youtube.com/watch?v=VTTq-wBFu-o
AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs
Mordechai Guri Exfiltrating data from air-gapped computers via ViBrAtIoNs. Future Gener. Comput. Syst. 122: 69-81 (2021)
Paper: https://www.sciencedirect.com/science/article/abs/pii/S0167739X21001151
Paper: https://arxiv.org/abs/2004.06195v1
Demo video: https://youtu.be/XGD343nq1dg
BRIGHTNESS: Leaking Sensitive Data from Air-Gapped Workstations via Screen Brightness
Mordechai Guri, Dima Bykhovsky, Yuval Elovici
2019 12th CMI Conference on Cybersecurity and Privacy (CMI)
Demo Video: https://youtu.be/ZrkZUO2g4DE
(In this demo, the screen secretly exfiltrate the text of "Winnie-the-Pooh" by A.A. Milne)
Paper: https://arxiv.org/abs/2002.01078
Paper: https://ieeexplore.ieee.org/document/8962137
Black Hat USA: Mordechai Guri Briefing "The Air-Gap Jumpers"
Link: The Air-Gap Jumpers
Presentation: https://i.blackhat.com/us-18/Wed-August-8/us-18-Guri-AirGap.pdf
BlackHat Video: https://www.youtube.com/watch?v=YKRtFgunyj4
BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets, Mordechai Guri
2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
Paper: https://ieeexplore.ieee.org/document/8726762
Paper: https://arxiv.org/pdf/1804.08714.pdf
Video 1: https://youtu.be/ddmHOvT866o
Video 2: https://youtu.be/2WtiHZNeveY
Read our new article in the Communication of the ACM (CACM), April 2018:
Bridgeware: The Air-Gap Malware
By Mordechai Guri, Yuval Elovici
Communications of the ACM, Vol. 61 No. 4, Pages 74-82
Paper: https://dl.acm.org/citation.cfm?id=3177230
PowerHammer (exfiltrating data through power lines)
Guri M, Zadov B, Bykhovsky D, Elovici Y. PowerHammer: Exfiltrating data from air-gapped computers through power lines. IEEE Transactions on Information Forensics and Security. 2019 Nov 7.
Paper (IEEE): https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8894040
Paper (arXive version): https://arxiv.org/abs/1804.04014
MOSQUITO (Acoustic)
"MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication ", Mordechai Guri,Yosef Solewicz, Yuval Elovici
2018 IEEE Conference on Dependable and Secure Computing (DSC)
Paper: https://ieeexplore.ieee.org/document/8625124
Video 1: https://www.youtube.com/watch?v=ZD8CNxYe5dk
Video 2: https://www.youtube.com/watch?v=O_jz2mDwAew
ODINI (Magnetic)
"ODINI : Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via
Magnetic Fields", Mordechai Guri, Boris Zadov, Yuval Elovici
IEEE Transactions on Information Forensics and Security, 2019
Paper: https://ieeexplore.ieee.org/document/8820015 (IEEE Open Access)
Video: https://www.youtube.com/watch?v=h07iXD-aSCA
DOI: 10.1109/TIFS.2019.2938404
MAGNETO (Magnetic)
"MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields", Mordechai Guri
Future Generation Computer Systems (FGCS) Volume 115, February 2021, Pages 115-125
Paper: https://doi.org/10.1016/j.future.2020.08.045
Video: https://www.youtube.com/watch?v=yz8E5n1Tzlo
AirHopper (Electromagnetic)
Mordechai Guri, Gabi Kedma, Assaf Kachlon, and Yuval Elovici. "AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies." In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pp. 58-67. IEEE, 2014.
http://ieeexplore.ieee.org/document/6999418/
Guri, Mordechai, Matan Monitz, and Yuval Elovici. "Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack." ACM Transactions on Intelligent Systems and Technology (TIST) 8, no. 4 (2017): 50.
Paper: https://dl.acm.org/citation.cfm?id=2870641
Demo video: https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s
BitWhisper (Thermal)
Mordechai Guri, Matan Monitz, Yisroel Mirski, and Yuval Elovici. "Bitwhisper: Covert signaling channel between air-gapped computers using thermal manipulations." In Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 276-289. IEEE, 2015.
Paper: http://ieeexplore.ieee.org/document/7243739/
Demo video: https://www.youtube.com/watch?v=EWRk51oB-1Y&t=15s
GSMem (Electromagnetic)
Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Yuval Elovici. "GSMem: Data exfiltration from air-gapped computers over gsm frequencies." In 24th USENIX Security Symposium (USENIX Security 15), pp. 849-864. 2015.
Paper: https://www.usenix.org/node/190937
Demo video: https://www.youtube.com/watch?v=RChj7Mg3rC4
DiskFiltration (Acoustic)
Mordechai Guri,Yosef Solewicz, Andrey Daidakulov, Yuval Elovici. "Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise (‘DiskFiltration’)". European Symposium on Research in Computer Security (ESORICS 2017) pp 98-115
Paper: https://link.springer.com/chapter/10.1007/978-3-319-66399-9_6
Demo video: https://www.youtube.com/watch?v=H7lQXmSLiP8
USBee (Electromagnetic)
Mordechai Guri, Matan Monitz, and Yuval Elovici. "USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB." Privacy, Security and Trust (PST), 2016 14th Annual Conference on
Paper: http://ieeexplore.ieee.org/document/7906972/
Demo video: https://www.youtube.com/watch?v=E28V1t-k8Hk
LED-it-GO (Optical)
Mordechai Guri, Boris Zadov, Yuval Elovici. "LED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED". Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017: 161-184
Demo video: https://www.youtube.com/watch?v=4vIu8ld68fc
Fansmitter (Acoustic)
Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici. "Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers." arXiv preprint arXiv:1606.05915 (2016).
Paper: https://arxiv.org/abs/1606.05915
Demo video: https://www.youtube.com/watch?v=v2_sZIfZkDQ
Guri, Mordechai, Yosef Solewicz, and Yuval Elovici. "Fansmitter: Acoustic data exfiltration from air-Gapped computers via fans noise." Computers & Security 91 (2020): 101721.
Paper: https://doi.org/10.1016/j.cose.2020.101721
aIR-Jumper (Optical, Infrared)
"aIR-Jumper: Covert air-gap exfiltration/infiltration via security cameras & infrared (IR) " Mordechai Guri, Dima Bykhovsky. Computers & Security (2018).
Paper: https://doi.org/10.1016/j.cose.2018.11.004
Video (infiltration): https://www.youtube.com/watch?v=auoYKSzdOj4
Video (exfiltration): https://www.youtube.com/watch?v=om5fNqKjj2M
CTRL-ALT-LED (Optical)
CTRL-ALT-LED: Leaking Data from Air-Gapped Computers Via Keyboard LEDs
Mordechai Guri
2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)
Paper: https://ieeexplore.ieee.org/document/8754078
Demo video: https://youtu.be/1kBGDHVr7x0
xLED (Optical)
xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs
Mordechai Guri ; Boris Zadov ; Andrey Daidakulov ; Yuval Elovici
2018 16th Annual Conference on Privacy, Security and Trust (PST)
Paper: https://ieeexplore.ieee.org/document/8514196
Demo video: https://www.youtube.com/watch?v=mSNt4h7EDKo
VisiSploit (Optical)
Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "An optical covert-channel to leak data through an air-gap." In Privacy, Security and Trust (PST), 2016 14th Annual Conference on, pp. 642-649. IEEE, 2016.
Paper: http://ieeexplore.ieee.org/document/7906933/
Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "VisiSploit: An Optical Covert-Channel to Leak Data through an Air-Gap." arXiv preprint arXiv:1607.03946 (2016).
LCD TEMPEST Air-Gap Attack Reloaded (Electromagnetic)
Mordechai Guri, Matan Monitz
"LCD TEMPEST Air-Gap Attack Reloaded". 2018 IEEE International Conference on the Science of Electrical Engineering in Israel (ICSEE)
Paper: https://ieeexplore.ieee.org/abstract/document/8646277
HOTSPOT: Crossing the air-gap between isolated pcs and nearby smartphones using temperature (Thermal)
Mordechai Guri
2019 European Intelligence and Security Informatics Conference (EISIC)
Paper: https://ieeexplore.ieee.org/abstract/document/9108874/
Optical air-gap exfiltration attack via invisible images (Optical)
Mordechai Guri
Optical air-gap exfiltration attack via invisible images, Journal of Information Security and Applications
Volume 46, June 2019, Pages 222-230
Paper: https://doi.org/10.1016/j.jisa.2019.02.004
Optical Covert Channel from Air-Gapped Networks via Remote Orchestration of Router/Switch LEDs (Optical)
Mordechai Guri
Optical Covert Channel from Air-Gapped Networks via Remote Orchestration of Router/Switch LEDs
European Intelligence and Security Informatics Conference (EISIC), 2018
Paper: https://ieeexplore.ieee.org/abstract/document/8753035
CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives (Acoustic)
Mordechai Guri
M. Guri, "CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives," 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), Madrid, Spain, 2020, pp. 808-816, doi: 10.1109/COMPSAC48688.2020.0-163.
Paper: https://ieeexplore.ieee.org/document/9202547