Air Gap
Air-Gap Research Page
By Dr. Mordechai Guri
Cyber-Security Research Center
Ben-Gurion University of the Negev, Israel
email: gurim@post.bgu.ac.il (linkedin)
***
This page is dedicated to air-gap jumping research
Bridgeware: a class of malware that allow attackers to overcome (‘bridge’) the air-gap isolation
(below you can find links to papers and videos)
Black Hat USA 2018: Mordechai Guri Briefing “The Air-Gap Jumpers”
Link: The Air-Gap Jumpers
Presentation: https://i.blackhat.com/us-18/Wed-August-8/us-18-Guri-AirGap.pdf
BlackHat Video: https://www.youtube.com/watch?v=YKRtFgunyj4
BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets
(by Mordechai Guri)
Paper: https://arxiv.org/pdf/1804.08714.pdf
Video 1: https://youtu.be/ddmHOvT866o
Video 2: https://youtu.be/2WtiHZNeveY
Read our new article in the Communication of the ACM (CACM), April 2018:
Bridgeware: The Air-Gap Malware
By Mordechai Guri, Yuval Elovici
Communications of the ACM, Vol. 61 No. 4, Pages 74-82
Paper: https://dl.acm.org/citation.cfm?id=3177230
PowerHammer (power lines)
“PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines”, Mordechai Guri, Boris Zadov, Dima Bykhovsky, Yuval Elovici
Paper: https://arxiv.org/abs/1804.04014
MOSQUITO (Acoustic)
“MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication “, Mordechai Guri,Yosef Solewicz, Andrey Daidakulov, Yuval Elovici
Paper:https://arxiv.org/abs/1803.03422
Video 1: https://www.youtube.com/watch?v=ZD8CNxYe5dk
Video 2: https://www.youtube.com/watch?v=O_jz2mDwAew
ODINI (Magnetic)
“ODINI : Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via
Magnetic Fields“, Mordechai Guri, Boris Zadov, Andrey Daidakulov, Yuval Elovici
Paper: https://arxiv.org/abs/1802.02700
Video: https://www.youtube.com/watch?v=h07iXD-aSCA
MAGNETO (Magnetic)
“MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields“, Mordechai Guri, Andrey Daidakulov, Yuval Elovici
Paper: https://arxiv.org/abs/1802.02317
Video: https://www.youtube.com/watch?v=yz8E5n1Tzlo
AirHopper (Electromagnetic)
Mordechai Guri, Gabi Kedma, Assaf Kachlon, and Yuval Elovici. “AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies.” In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on, pp. 58-67. IEEE, 2014.
http://ieeexplore.ieee.org/document/6999418/
Guri, Mordechai, Matan Monitz, and Yuval Elovici. “Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack.” ACM Transactions on Intelligent Systems and Technology (TIST) 8, no. 4 (2017): 50.
Paper: https://dl.acm.org/citation.cfm?id=2870641
Demo video: https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s
BitWhisper (Thermal)
Mordechai Guri, Matan Monitz, Yisroel Mirski, and Yuval Elovici. “Bitwhisper: Covert signaling channel between air-gapped computers using thermal manipulations.” In Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 276-289. IEEE, 2015.
Paper: http://ieeexplore.ieee.org/document/7243739/
Demo video: https://www.youtube.com/watch?v=EWRk51oB-1Y&t=15s
GSMem (Electromagnetic)
Mordechai Guri, Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Yuval Elovici. “GSMem: Data exfiltration from air-gapped computers over gsm frequencies.” In 24th USENIX Security Symposium (USENIX Security 15), pp. 849-864. 2015.
Paper: https://www.usenix.org/node/190937
Demo video: https://www.youtube.com/watch?v=RChj7Mg3rC4
DiskFiltration (Acoustic)
Mordechai Guri,Yosef Solewicz, Andrey Daidakulov, Yuval Elovici. “Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise (‘DiskFiltration’)”. European Symposium on Research in Computer Security (ESORICS 2017) pp 98-115
Paper: https://link.springer.com/chapter/10.1007/978-3-319-66399-9_6
Demo video: https://www.youtube.com/watch?v=H7lQXmSLiP8
USBee (Electromagnetic)
Mordechai Guri, Matan Monitz, and Yuval Elovici. “USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB.” Privacy, Security and Trust (PST), 2016 14th Annual Conference on
Paper: http://ieeexplore.ieee.org/document/7906972/
Demo video: https://www.youtube.com/watch?v=E28V1t-k8Hk
LED-it-GO (Optical)
Mordechai Guri, Boris Zadov, Yuval Elovici. “LED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED“. Detection of Intrusions and Malware, and Vulnerability Assessment – 14th International Conference, DIMVA 2017: 161-184
Demo video: https://www.youtube.com/watch?v=4vIu8ld68fc
Fansmitter (Acoustic)
Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici. “Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers.” arXiv preprint arXiv:1606.05915 (2016).
Paper: https://arxiv.org/abs/1606.05915
Demo video: https://www.youtube.com/watch?v=v2_sZIfZkDQ
aIR-Jumper (Optical, Infrared)
“aIR-Jumper: Covert Air-Gap Exfiltration/Infiltration via Security Cameras & Infrared (IR)” Mordechai Guri, Dima Bykhovsky, Yuval Elovici
Paper: http://arxiv.org/abs/1709.05742
Video (infiltration): https://www.youtube.com/watch?v=auoYKSzdOj4
Video (exfiltration): https://www.youtube.com/watch?v=om5fNqKjj2M
xLED (Optical)
xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs
Mordechai Guri ; Boris Zadov ; Andrey Daidakulov ; Yuval Elovici
2018 16th Annual Conference on Privacy, Security and Trust (PST)
Paper: https://ieeexplore.ieee.org/document/8514196
Demo video: https://www.youtube.com/watch?v=mSNt4h7EDKo
VisiSploit (Optical)
Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. “An optical covert-channel to leak data through an air-gap.” In Privacy, Security and Trust (PST), 2016 14th Annual Conference on, pp. 642-649. IEEE, 2016.
Paper: http://ieeexplore.ieee.org/document/7906933/
Mordechai Guri, Ofer Hasson, Gabi Kedma, and Yuval Elovici. “VisiSploit: An Optical Covert-Channel to Leak Data through an Air-Gap.” arXiv preprint arXiv:1607.03946 (2016).