airgap

 

Air-Gap Research Page

By Dr. Mordechai Guri
Cyber-Security Research Center
Ben-Gurion University of the Negev, Israel
email: gurim@post.bgu.ac.il (linkedin)

WIRED: https://www.wired.com/story/air-gap-researcher-mordechai-guri/

***
This page is dedicated to air-gap jumping research

Air-Gap Covert Channels 
(below you can find links to papers and videos)

 

 

COVID-bit: Keep a Distance of (at least) 2m From My Air-Gap Computer!
Mordechai Guri
Demo video: https://youtu.be/96eMLEIA57Q
Paper: http://arxiv.org/abs/2212.03520

 

GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes
Mordechai Guri
Demo video: https://youtu.be/5sUQ0jG01dw
Paper: http://arxiv.org/abs/2208.09764
Paper: https://ieeexplore.ieee.org/document/9647842

 

LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables
Mordechai Guri
2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC)
Demo video: https://youtu.be/-X2Mb5HWE44
Paper:  http://arxiv.org/abs/2110.00104
Paper: https://ieeexplore.ieee.org/document/9529607

 

SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables
Mordechai Guri
2022 19th Annual International Conference on Privacy, Security & Trust (PST)
Demo video: https://www.youtube.com/watch?v=rlmP-csuFIo
Paper: http://arxiv.org/abs/2207.07413
Paper: https://ieeexplore.ieee.org/document/9851978

 

ETHERLED: Sending Covert Morse Signals from Air-Gapped Devices via Network Card (NIC) LEDs
2022 IEEE International Conference on Cyber Security and Resilience (CSR)
Mordechai Guri
Demo video: https://www.youtube.com/watch?v=acYAPMr_JZg
Paper: https://arxiv.org/abs/2208.09975 
Paper: https://ieeexplore.ieee.org/document/9850284 

 

AIR-GAP APT (USB-Borne)
USBCulprit: USB-borne Air-Gap Malware
EICC: European Interdisciplinary Cybersecurity Conference, November 2021
Paper: https://dl.acm.org/doi/abs/10.1145/3487405.3487412

 

AIR-FI: Leaking Data from Air-Gapped Computers Using Wi-Fi Frequencies
M. Guri, "AIR-FI: Leaking Data from Air-Gapped Computers Using Wi-Fi Frequencies," in IEEE Transactions on Dependable and Secure Computing, 2022, doi: 10.1109/TDSC.2022.3186627.
Paper: https://ieeexplore.ieee.org/document/9808153
Demo video: https://www.youtube.com/watch?v=vhNnc0ln63c 
DOI: 10.1109/TDSC.2022.3186627

 

Air-Fi: Generating Covert Wi-Fi Signals from Air-Gapped Computers
Mordechai Guri
Paper: https://arxiv.org/abs/2012.06884
Demo video: https://www.youtube.com/watch?v=vhNnc0ln63c

 

POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers
M. Guri, "POWER-SUPPLaY: Leaking Sensitive Data from Air-Gapped, Audio-Gapped Systems by Turning the Power Supplies into Speakers," in IEEE Transactions on Dependable and Secure Computing, doi: 10.1109/TDSC.2021.3133406.
Paper: https://ieeexplore.ieee.org/document/9640597
Paper: https://arxiv.org/abs/2005.00395
Demo video 1: https://www.youtube.com/watch?v=VTTq-wBFu-o  

 

 

 

AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs
Mordechai Guri Exfiltrating data from air-gapped computers via ViBrAtIoNs. Future Gener. Comput. Syst. 122: 69-81 (2021)

Paper: https://www.sciencedirect.com/science/article/abs/pii/S0167739X21001151
Paper: https://arxiv.org/abs/2004.06195v1
Demo video: https://youtu.be/XGD343nq1dg

 

BRIGHTNESS: Leaking Sensitive Data from Air-Gapped Workstations via Screen Brightness
Mordechai Guri, Dima Bykhovsky, Yuval Elovici
2019 12th CMI Conference on Cybersecurity and Privacy (CMI)

Demo Video: https://youtu.be/ZrkZUO2g4DE
(In this demo, the screen secretly exfiltrate the text of "Winnie-the-Pooh" by A.A. Milne)

Paper: https://arxiv.org/abs/2002.01078
Paper: https://ieeexplore.ieee.org/document/8962137

 

Black Hat USA: Mordechai Guri Briefing "The Air-Gap Jumpers"
Link: The Air-Gap Jumpers

Presentation: https://i.blackhat.com/us-18/Wed-August-8/us-18-Guri-AirGap.pdf

BlackHat Video: https://www.youtube.com/watch?v=YKRtFgunyj4

 

BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets, Mordechai Guri 
2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
 

Paper: https://ieeexplore.ieee.org/document/8726762

Paper: https://arxiv.org/pdf/1804.08714.pdf

Video 1: https://youtu.be/ddmHOvT866o 
Video 2: https://youtu.be/2WtiHZNeveY

 

Read our new article in the Communication of the ACM (CACM), April 2018:

Bridgeware: The Air-Gap Malware
By Mordechai Guri, Yuval Elovici 
Communications of the ACM, Vol. 61 No. 4, Pages 74-82
Paper:  https://dl.acm.org/citation.cfm?id=3177230

 

PowerHammer (exfiltrating data through power lines)

Guri M, Zadov B, Bykhovsky D, Elovici Y. PowerHammer: Exfiltrating data from air-gapped computers through power lines. IEEE Transactions on Information Forensics and Security. 2019 Nov 7.

Paper (IEEE): https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8894040
Paper (arXive version):  https://arxiv.org/abs/1804.04014

 

 

MOSQUITO (Acoustic)

"MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication ", Mordechai Guri,Yosef Solewicz, Yuval Elovici 
2018 IEEE Conference on Dependable and Secure Computing (DSC)

Paper: https://ieeexplore.ieee.org/document/8625124 

Video 1: https://www.youtube.com/watch?v=ZD8CNxYe5dk
Video 2: https://www.youtube.com/watch?v=O_jz2mDwAew

 

ODINI (Magnetic)

"ODINI : Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via
Magnetic Fields", Mordechai Guri, Boris Zadov, Yuval Elovici 
IEEE Transactions on Information Forensics and Security, 2019

Paper: https://ieeexplore.ieee.org/document/8820015 (IEEE Open Access)

Video: https://www.youtube.com/watch?v=h07iXD-aSCA
DOI10.1109/TIFS.2019.2938404

 

MAGNETO (Magnetic)

"MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields", Mordechai Guri 
Future Generation Computer Systems (FGCS) Volume 115, February 2021, Pages 115-125

 

Paper: https://doi.org/10.1016/j.future.2020.08.045

Video: https://www.youtube.com/watch?v=yz8E5n1Tzlo

 

AirHopper (Electromagnetic)

Mordechai Guri, Gabi Kedma, Assaf Kachlon, and Yuval Elovici. "AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies." In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pp. 58-67. IEEE, 2014.

http://ieeexplore.ieee.org/document/6999418/

Guri, Mordechai, Matan Monitz, and Yuval Elovici. "Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack." ACM Transactions on Intelligent Systems and Technology (TIST) 8, no. 4 (2017): 50.

Paper: https://dl.acm.org/citation.cfm?id=2870641

Demo video: https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s

 

BitWhisper (Thermal)

Mordechai Guri, Matan Monitz, Yisroel Mirski, and Yuval Elovici. "Bitwhisper: Covert signaling channel between air-gapped computers using thermal manipulations." In Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 276-289. IEEE, 2015.

Paper: http://ieeexplore.ieee.org/document/7243739/

Demo video: https://www.youtube.com/watch?v=EWRk51oB-1Y&t=15s

 

GSMem (Electromagnetic)

Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Yuval Elovici. "GSMem: Data exfiltration from air-gapped computers over gsm frequencies." In 24th USENIX Security Symposium (USENIX Security 15), pp. 849-864. 2015.

Paper: https://www.usenix.org/node/190937

Demo video: https://www.youtube.com/watch?v=RChj7Mg3rC4

 

DiskFiltration (Acoustic)

Mordechai Guri,Yosef Solewicz, Andrey Daidakulov, Yuval Elovici. "Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise (‘DiskFiltration’)". European Symposium on Research in Computer Security (ESORICS 2017) pp 98-115

Paper: https://link.springer.com/chapter/10.1007/978-3-319-66399-9_6

Demo video: https://www.youtube.com/watch?v=H7lQXmSLiP8

  

 

USBee (Electromagnetic)

Mordechai Guri, Matan Monitz, and Yuval Elovici. "USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB." Privacy, Security and Trust (PST), 2016 14th Annual Conference on

Paper: http://ieeexplore.ieee.org/document/7906972/

Demo video: https://www.youtube.com/watch?v=E28V1t-k8Hk

 

 

LED-it-GO (Optical)

Mordechai Guri, Boris Zadov, Yuval Elovici. "LED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED". Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017: 161-184

Paper: https://www.springerprofessional.de/en/led-it-go-leaking-a-lot-of-data-from-air-gapped-computers-via-th/12476142

Demo video: https://www.youtube.com/watch?v=4vIu8ld68fc

 

Fansmitter (Acoustic)

Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici. "Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers." arXiv preprint arXiv:1606.05915 (2016).

Paper: https://arxiv.org/abs/1606.05915

Demo video: https://www.youtube.com/watch?v=v2_sZIfZkDQ

Guri, Mordechai, Yosef Solewicz, and Yuval Elovici. "Fansmitter: Acoustic data exfiltration from air-Gapped computers via fans noise." Computers & Security 91 (2020): 101721.

Paper: https://doi.org/10.1016/j.cose.2020.101721

 

aIR-Jumper (Optical, Infrared)

"aIR-Jumper: Covert air-gap exfiltration/infiltration via security cameras & infrared (IR) " Mordechai Guri, Dima Bykhovsky‏. Computers & Security (2018).

Paper: https://doi.org/10.1016/j.cose.2018.11.004

Video (infiltration): https://www.youtube.com/watch?v=auoYKSzdOj4

Video (exfiltration): https://www.youtube.com/watch?v=om5fNqKjj2M

 

 

CTRL-ALT-LED (Optical)

CTRL-ALT-LED: Leaking Data from Air-Gapped Computers Via Keyboard LEDs
Mordechai Guri
2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)
Paper: https://ieeexplore.ieee.org/document/8754078
Demo video: https://youtu.be/1kBGDHVr7x0

 

xLED (Optical)

xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs
Mordechai Guri ; Boris Zadov ; Andrey Daidakulov ; Yuval Elovici
2018 16th Annual Conference on Privacy, Security and Trust (PST)

Paper: https://ieeexplore.ieee.org/document/8514196

Demo video: https://www.youtube.com/watch?v=mSNt4h7EDKo

 

VisiSploit (Optical)

Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "An optical covert-channel to leak data through an air-gap." In Privacy, Security and Trust (PST), 2016 14th Annual Conference on, pp. 642-649. IEEE, 2016.

Paper: http://ieeexplore.ieee.org/document/7906933/

Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "VisiSploit: An Optical Covert-Channel to Leak Data through an Air-Gap." arXiv preprint arXiv:1607.03946 (2016).

 

LCD TEMPEST Air-Gap Attack Reloaded (Electromagnetic)

Mordechai Guri, Matan Monitz
"LCD TEMPEST Air-Gap Attack Reloaded". 2018 IEEE International Conference on the Science of Electrical Engineering in Israel (ICSEE)

Paper: https://ieeexplore.ieee.org/abstract/document/8646277

 

HOTSPOT: Crossing the air-gap between isolated pcs and nearby smartphones using temperature (Thermal)

Mordechai Guri 
2019 European Intelligence and Security Informatics Conference (EISIC)
Paper: https://ieeexplore.ieee.org/abstract/document/9108874/

 

 

Optical air-gap exfiltration attack via invisible images (Optical)

Mordechai Guri
Optical air-gap exfiltration attack via invisible images, Journal of Information Security and Applications
Volume 46, June 2019, Pages 222-230

Paper: https://doi.org/10.1016/j.jisa.2019.02.004

 

Optical Covert Channel from Air-Gapped Networks via Remote Orchestration of Router/Switch LEDs (Optical)

Mordechai Guri
Optical Covert Channel from Air-Gapped Networks via Remote Orchestration of Router/Switch LEDs 
European Intelligence and Security Informatics Conference (EISIC),  2018

Paper: https://ieeexplore.ieee.org/abstract/document/8753035

 

CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives (Acoustic)

 Mordechai Guri
M. Guri, "CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives," 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), Madrid, Spain, 2020, pp. 808-816, doi: 10.1109/COMPSAC48688.2020.0-163.

Paper: https://ieeexplore.ieee.org/document/9202547