An optical covert-channel to leak data through an air-gap

Mordechai Guri, Ofer Hasson, Gabi Kedma, Yuval Elovici

Conference: 2016 14th Annual Conference on Privacy, Security and Trust (PST)

In recent years, various out-of-band covert channels have been proposed that demonstrate the feasibility of
leaking data out of computers without the need for network connectivity. The methods proposed have been based on different
type of electromagnetic, acoustic, and thermal emissions. However, optical channels have largely been considered less
covert: because they are visible to the human eye and hence can be detected, they have received less attention from researchers.

In this paper, we introduce VisiSploit, a new type of optical covert channel which, unlike other optical methods, is also
stealthy. Our method exploits the limitations of human visual perception in order to unobtrusively leak data through a standard
computer LCD display. Our experiments show that very low contrast or fast flickering images which are invisible to human
subjects, can be recovered from photos taken by a camera. Consequentially, we show that malicious code on a compromised
computer can obtain sensitive data (e.g., images, encryption keys, passwords), and project it onto a computer LCD screen, invisible
and unbeknownst to users, allowing an attacker to reconstruct the data using a photo taken by a nearby (possibly hidden) camera.
Our research yielding novel attack paradigms that exploit the subtle mechanisms of human visual perception.