
 

Air-Gap Research Page

By Dr. Mordechai Guri
Cyber-Security Research Center
Ben-Gurion University of the Negev, Israel
email: gurim@post.bgu.ac.il (linkedin)

***
This page is dedicated to air-gap jumping research.
Bridgeware: a class of malware that allows attackers to overcome ('bridge') air-gap isolation
(below you can find links to papers and videos)

 

Black Hat USA 2018: Mordechai Guri Briefing "The Air-Gap Jumpers"
Link: The Air-Gap Jumpers

Presentation: https://i.blackhat.com/us-18/Wed-August-8/us-18-Guri-AirGap.pdf

BlackHat Video: https://www.youtube.com/watch?v=YKRtFgunyj4

 

BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets, Mordechai Guri 
2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
 

Paper: https://ieeexplore.ieee.org/document/8726762

Paper: https://arxiv.org/pdf/1804.08714.pdf

Video 1: https://youtu.be/ddmHOvT866o 
Video 2: https://youtu.be/2WtiHZNeveY

 

Read our new article in the Communications of the ACM (CACM), April 2018:

Bridgeware: The Air-Gap Malware
By Mordechai Guri, Yuval Elovici 
Communications of the ACM, Vol. 61 No. 4, Pages 74-82
Paper:  https://dl.acm.org/citation.cfm?id=3177230

 

PowerHammer (power lines)

"PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines", Mordechai Guri, Boris Zadov, Dima Bykhovsky, Yuval Elovici

Paper: https://arxiv.org/abs/1804.04014

 

MOSQUITO (Acoustic)

"MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication ", Mordechai Guri,Yosef Solewicz, Yuval Elovici 
2018 IEEE Conference on Dependable and Secure Computing (DSC)

Paper: https://ieeexplore.ieee.org/document/8625124 

Video 1: https://www.youtube.com/watch?v=ZD8CNxYe5dk
Video 2: https://www.youtube.com/watch?v=O_jz2mDwAew

 

ODINI (Magnetic)

"ODINI : Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via
Magnetic Fields", Mordechai Guri, Boris Zadov, Yuval Elovici 
IEEE Transactions on Information Forensics and Security, 2019

Paper: https://ieeexplore.ieee.org/document/8820015 (IEEE Open Access)

Video: https://www.youtube.com/watch?v=h07iXD-aSCA
DOI: 10.1109/TIFS.2019.2938404

 

MAGNETO (Magnetic)

"MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields", Mordechai Guri, Andrey Daidakulov, Yuval Elovici

Paper: https://arxiv.org/abs/1802.02317

Video: https://www.youtube.com/watch?v=yz8E5n1Tzlo

 

AirHopper (Electromagnetic)

Mordechai Guri, Gabi Kedma, Assaf Kachlon, and Yuval Elovici. "AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies." In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pp. 58-67. IEEE, 2014.

http://ieeexplore.ieee.org/document/6999418/

Guri, Mordechai, Matan Monitz, and Yuval Elovici. "Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack." ACM Transactions on Intelligent Systems and Technology (TIST) 8, no. 4 (2017): 50.

Paper: https://dl.acm.org/citation.cfm?id=2870641

Demo video: https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s

 

BitWhisper (Thermal)

Mordechai Guri, Matan Monitz, Yisroel Mirski, and Yuval Elovici. "BitWhisper: Covert signaling channel between air-gapped computers using thermal manipulations." In Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 276-289. IEEE, 2015.

Paper: http://ieeexplore.ieee.org/document/7243739/

Demo video: https://www.youtube.com/watch?v=EWRk51oB-1Y&t=15s

 

GSMem (Electromagnetic)

Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Yuval Elovici. "GSMem: Data exfiltration from air-gapped computers over GSM frequencies." In 24th USENIX Security Symposium (USENIX Security 15), pp. 849-864. 2015.

Paper: https://www.usenix.org/node/190937

Demo video: https://www.youtube.com/watch?v=RChj7Mg3rC4

 

DiskFiltration (Acoustic)

Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, Yuval Elovici. "Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise ('DiskFiltration')". European Symposium on Research in Computer Security (ESORICS 2017), pp. 98-115.

Paper: https://link.springer.com/chapter/10.1007/978-3-319-66399-9_6

Demo video: https://www.youtube.com/watch?v=H7lQXmSLiP8

  

 

USBee (Electromagnetic)

Mordechai Guri, Matan Monitz, and Yuval Elovici. "USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB." Privacy, Security and Trust (PST), 2016 14th Annual Conference on

Paper: http://ieeexplore.ieee.org/document/7906972/

Demo video: https://www.youtube.com/watch?v=E28V1t-k8Hk

 

 

LED-it-GO (Optical)

Mordechai Guri, Boris Zadov, Yuval Elovici. "LED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED". Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017: 161-184

Paper: https://www.springerprofessional.de/en/led-it-go-leaking-a-lot-of-data-from-air-gapped-computers-via-th/12476142

Demo video: https://www.youtube.com/watch?v=4vIu8ld68fc

 

Fansmitter (Acoustic)

Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici. "Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers." arXiv preprint arXiv:1606.05915 (2016).

Paper: https://arxiv.org/abs/1606.05915

Demo video: https://www.youtube.com/watch?v=v2_sZIfZkDQ

 

aIR-Jumper (Optical, Infrared)

"aIR-Jumper: Covert air-gap exfiltration/infiltration via security cameras & infrared (IR) " Mordechai Guri, Dima Bykhovsky‏. Computers & Security (2018).

Paper: https://doi.org/10.1016/j.cose.2018.11.004

Video (infiltration): https://www.youtube.com/watch?v=auoYKSzdOj4

Video (exfiltration): https://www.youtube.com/watch?v=om5fNqKjj2M

 

 

CTRL-ALT-LED (Optical)

CTRL-ALT-LED: Leaking Data from Air-Gapped Computers Via Keyboard LEDs
Mordechai Guri
2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)
Paper: https://ieeexplore.ieee.org/document/8754078
Demo video: https://youtu.be/1kBGDHVr7x0

 

xLED (Optical)

xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs
Mordechai Guri, Boris Zadov, Andrey Daidakulov, Yuval Elovici
2018 16th Annual Conference on Privacy, Security and Trust (PST)

Paper: https://ieeexplore.ieee.org/document/8514196

Demo video: https://www.youtube.com/watch?v=mSNt4h7EDKo

 

VisiSploit (Optical)

Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "An optical covert-channel to leak data through an air-gap." In Privacy, Security and Trust (PST), 2016 14th Annual Conference on, pp. 642-649. IEEE, 2016.

Paper: http://ieeexplore.ieee.org/document/7906933/

Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. "VisiSploit: An Optical Covert-Channel to Leak Data through an Air-Gap." arXiv preprint arXiv:1607.03946 (2016).

 

LCD TEMPEST Air-Gap Attack Reloaded (Electromagnetic)

Mordechai Guri, Matan Monitz
"LCD TEMPEST Air-Gap Attack Reloaded". 2018 IEEE International Conference on the Science of Electrical Engineering in Israel (ICSEE)

Paper: https://ieeexplore.ieee.org/abstract/document/8646277

 

Optical air-gap exfiltration attack via invisible images (Optical)

Mordechai Guri
Optical air-gap exfiltration attack via invisible images, Journal of Information Security and Applications
Volume 46, June 2019, Pages 222-230

Paper: https://doi.org/10.1016/j.jisa.2019.02.004

 

Optical Covert Channel from Air-Gapped Networks via Remote Orchestration of Router/Switch LEDs (Optical)

Mordechai Guri
Optical Covert Channel from Air-Gapped Networks via Remote Orchestration of Router/Switch LEDs 
European Intelligence and Security Informatics Conference (EISIC),  2018

Paper: https://ieeexplore.ieee.org/abstract/document/8753035