airgap

 

Air-Gap Research Page

By Dr. Mordechai Guri
Cyber-Security Research Center
Ben-Gurion University of the Negev, Israel
email: gurim@post.bgu.ac.il (linkedin)

***
This page is dedicated to air-gap jumping research 
Bridgeware:  a class of malware that allow attackers to overcome ('bridge') the air-gap isolation
(below you can find links to papers and videos)

 

BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets 
(by Mordechai Guri)

Paper: https://arxiv.org/pdf/1804.08714.pdf

Video 1: https://youtu.be/ddmHOvT866o 
Video 2: https://youtu.be/2WtiHZNeveY

 

Read our new article in the Communication of the ACM (CACM), April 2018:

Bridgeware: The Air-Gap Malware
By Mordechai Guri, Yuval Elovici 
Communications of the ACM, Vol. 61 No. 4, Pages 74-82
Paper:  https://dl.acm.org/citation.cfm?id=3177230

 

PowerHammer (power lines)

"PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines", Mordechai Guri, Boris Zadov, Dima Bykhovsky, Yuval Elovici

Paper: https://arxiv.org/abs/1804.04014

 

MOSQUITO (Acoustic)

"MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication ", Mordechai Guri,Yosef Solewicz, Andrey Daidakulov, Yuval Elovici 

Paper:https://arxiv.org/abs/1803.03422

Video 1: https://www.youtube.com/watch?v=ZD8CNxYe5dk
Video 2: https://www.youtube.com/watch?v=O_jz2mDwAew

 

ODINI (Magnetic)

"ODINI : Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via
Magnetic Fields", Mordechai Guri, Boris Zadov, Andrey Daidakulov, Yuval Elovici 

Paper: https://arxiv.org/abs/1802.02700

Video: https://www.youtube.com/watch?v=h07iXD-aSCA

 

MAGNETO (Magnetic)

"MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields", Mordechai Guri, Andrey Daidakulov, Yuval Elovici

Paper: https://arxiv.org/abs/1802.02317

Video: https://www.youtube.com/watch?v=yz8E5n1Tzlo

 

AirHopper (Electromagnetic)

Mordechai Guri, Gabi Kedma, Assaf Kachlon, and Yuval Elovici. "AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies." In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pp. 58-67. IEEE, 2014.

http://ieeexplore.ieee.org/document/6999418/

Guri, Mordechai, Matan Monitz, and Yuval Elovici. "Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack." ACM Transactions on Intelligent Systems and Technology (TIST) 8, no. 4 (2017): 50.

Paper: https://dl.acm.org/citation.cfm?id=2870641

Demo video: https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s

 

BitWhisper (Thermal)

Mordechai Guri, Matan Monitz, Yisroel Mirski, and Yuval Elovici. "Bitwhisper: Covert signaling channel between air-gapped computers using thermal manipulations." In Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 276-289. IEEE, 2015.

Paper: http://ieeexplore.ieee.org/document/7243739/

Demo video: https://www.youtube.com/watch?v=EWRk51oB-1Y&t=15s

 

GSMem (Electromagnetic)

Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Yuval Elovici. "GSMem: Data exfiltration from air-gapped computers over gsm frequencies." In 24th USENIX Security Symposium (USENIX Security 15), pp. 849-864. 2015.

Paper: https://www.usenix.org/node/190937

Demo video: https://www.youtube.com/watch?v=RChj7Mg3rC4

 

DiskFiltration (Acoustic)

Mordechai Guri,Yosef Solewicz, Andrey Daidakulov, Yuval Elovici. "Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise (‘DiskFiltration’)". European Symposium on Research in Computer Security (ESORICS 2017) pp 98-115

Paper: https://link.springer.com/chapter/10.1007/978-3-319-66399-9_6

Demo video: https://www.youtube.com/watch?v=H7lQXmSLiP8

  

 

USBee (Electromagnetic)

Mordechai Guri, Matan Monitz, and Yuval Elovici. "USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB." Privacy, Security and Trust (PST), 2016 14th Annual Conference on

Paper: http://ieeexplore.ieee.org/document/7906972/

Demo video: https://www.youtube.com/watch?v=E28V1t-k8Hk

 

 

LED-it-GO (Optical)

Mordechai Guri, Boris Zadov, Yuval Elovici. "LED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED". Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017: 161-184

Paper: https://www.springerprofessional.de/en/led-it-go-leaking-a-lot-of-data-from-air-gapped-computers-via-th/12476142

Demo video: https://www.youtube.com/watch?v=4vIu8ld68fc

 

Fansmitter (Acoustic)

Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici. "Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers." arXiv preprint arXiv:1606.05915 (2016).

Paper: https://arxiv.org/abs/1606.05915

Demo video: https://www.youtube.com/watch?v=v2_sZIfZkDQ

 

aIR-Jumper (Optical, Infrared)

"aIR-Jumper: Covert Air-Gap Exfiltration/Infiltration via Security Cameras & Infrared (IR)" Mordechai Guri, Dima Bykhovsky‏, Yuval Elovici

Paper: http://arxiv.org/abs/1709.05742

Video (infiltration): https://www.youtube.com/watch?v=auoYKSzdOj4

Video (exfiltration): https://www.youtube.com/watch?v=om5fNqKjj2M

 

xLED (Optical)

Mordechai Guri, Boris Zadov, Andrey Daidakulov, Yuval Elovici. "xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs"

Paper: https://arxiv.org/abs/1706.01140

Demo video: https://www.youtube.com/watch?v=mSNt4h7EDKo

 

VisiSploit (Optical)

Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "An optical covert-channel to leak data through an air-gap." In Privacy, Security and Trust (PST), 2016 14th Annual Conference on, pp. 642-649. IEEE, 2016.

Paper: http://ieeexplore.ieee.org/document/7906933/

Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "VisiSploit: An Optical Covert-Channel to Leak Data through an Air-Gap." arXiv preprint arXiv:1607.03946 (2016).