On Covert Acoustical Mesh Networks in Air

Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the ultrasonic frequency range. We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a meshed botnet or malnet that is accessible via inaudible audio transmissions. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities.

[1]  Wenke Lee,et al.  Evaluating Bluetooth as a Medium for Botnet Command and Control , 2010, DIMVA.

[2]  Cristina V. Lopes,et al.  Acoustic Modems for Ubiquitous Computing , 2003, IEEE Pervasive Comput..

[3]  Douglas C. Schmidt,et al.  R&D challenges and solutions for mobile cyber-physical applications and supporting Internet services , 2010, Journal of Internet Services and Applications.

[4]  John K. Antonio,et al.  Multi-tone FSK for ultrasonic communication , 2010, 2010 IEEE Instrumentation & Measurement Technology Conference Proceedings.

[5]  Guofei Gu,et al.  A Taxonomy of Botnet Structures , 2007, ACSAC.

[6]  Michele Zorzi,et al.  Underwater Acoustic Networking Techniques , 2012, Springer Briefs in Electrical and Computer Engineering.

[7]  Beatrice Tomasi,et al.  JANUS: the genesis, propagation and use of an underwater standard , 2010 .

[8]  M. VishnevskyV.,et al.  IEEE 802.11 Wireless LAN , 2002 .

[9]  Scott Elliott,et al.  An Examination of the Feasibility of Ultrasonic Communications Links , 2010 .

[10]  Trent Jaeger,et al.  Security architecture for component-based operating systems , 1998, ACM SIGOPS European Workshop.

[11]  Jorg Kalwa,et al.  The RACUN-project: Robust acoustic communications in underwater networks — An overview , 2011, OCEANS 2011 IEEE - Spain.

[12]  Jörg Keller,et al.  A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems , 2014, ArXiv.

[13]  Wim van Eck,et al.  Electromagnetic radiation from video display units: An eavesdropping risk? , 1985, Comput. Secur..

[14]  Kaveh Pahlavan,et al.  IEEE 802.3 Ethernet , 2009 .

[15]  Nitesh Saxena,et al.  Sensing-enabled channels for hard-to-detect command and control of mobile devices , 2013, ASIA CCS '13.

[16]  Ramarathnam Venkatesan,et al.  Dhwani: secure peer-to-peer acoustic NFC , 2013, SIGCOMM.

[17]  Michael Hanspach,et al.  Recent Developments in Covert Acoustical Communications , 2014, Sicherheit.

[18]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[19]  Eran Tromer,et al.  Acoustic cryptanalysis : on nosy people and noisy machines , 2004 .

[20]  David A. Umphress,et al.  Information leakage from optical emanations , 2002, TSEC.

[21]  Chuan Li,et al.  Short-range ultrasonic digital communications in air , 2008, IEEE Transactions on Ultrasonics, Ferroelectrics and Frequency Control.

[22]  Geert Leus,et al.  Multiband OFDM for Covert Acoustic Communications , 2008, IEEE Journal on Selected Areas in Communications.

[23]  Giovanni Vigna,et al.  ClearShot: Eavesdropping on Keyboard Input from Video , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[24]  Richard Frankland,et al.  Side Channels, Compromising Emanations and Surveillance: Current and future technologies , 2011 .

[25]  Nitesh Saxena,et al.  A closer look at keyboard acoustic emanations: random passwords, typing styles and decoding techniques , 2012, ASIACCS '12.

[26]  Jörg Keller,et al.  In Guards We Trust: Security and Privacy in Operating Systems Revisited , 2013, 2013 International Conference on Social Computing.

[27]  James P Anderson,et al.  Computer Security Technology Planning Study , 1972 .

[28]  Shengli Zhou,et al.  A DSP implementation of OFDM acoustic modem , 2007, Underwater Networks.

[29]  Eric Blossom,et al.  GNU radio: tools for exploring the radio frequency spectrum , 2004 .

[30]  Michael LeMay,et al.  Acoustic Surveillance of Physically Unmodified PCs , 2006, Security and Management.

[31]  Jan-Michael Frahm,et al.  iSpy: automatic reconstruction of typed input from compromising reflections , 2011, CCS '11.

[32]  M. Goetz,et al.  GUWMANET — Multicast routing in Underwater Acoustic Networks , 2012, 2012 Military Communications and Information Systems Conference (MCC).

[33]  Richard Sharp,et al.  Audio networking: the forgotten wireless technology , 2005, IEEE Pervasive Computing.