Air-gapped computers are isolated both logically and physically from all kinds of common communication channels, such as USB ports and wireless and wired networks. Although the feasibility of infiltrating an air-gapped computer has been proved in recent years, data exfiltration from such systems is still considered to be a challenging task. In this paper we present Powermitter, a novel approach that can exfiltrate data from an air-gapped computer via its power adapter. Our method utilizes the switched-mode power supply, which exists in all laptops, desktop computers and servers nowadays. We demonstrate that malware can indirectly control the electromagnetic emission frequency of the power supply by leveraging the CPU utilization. Furthermore, we show that the emitted signals can be received and demodulated by a dedicated device. We present the proof-of-concept design of the power covert channel and implement a prototype of Powermitter consisting of a transmitter and a receiver. The transmitter leaks data using a variant of binary frequency shift keying modulation, and the signal emitted through this covert channel can be captured and decoded by a software-based virtual oscilloscope. We tested Powermitter on three different computers. The experimental results show the feasibility of this power covert channel. We show that our method can also be used to leak data from different types of embedded systems which use a switching power supply.
Funding: Supported by the National High Technology Research and Development Program of China ("863" Program) (Grant No. 2015AA016002) and the National Basic Research Program of China ("973" Program) (Grant No. 2014CB340600).