Brightness: Leaking Sensitive Data from Air-Gapped Workstations via Screen Brightness

Air-gapped computers are systems that are kept isolated from the Internet since they store or process sensitive information. In this paper, we introduce an optical covert channel in which an attacker can leak (or, exfiltlrate) sensitive information from air-gapped computers through manipulations on the screen brightness. This covert channel is invisible and it works even while the user is working on the computer. Malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys and passwords), and modulate it within the screen brightness, invisible to users. The small changes in the brightness are invisible to humans but can be recovered from video streams taken by cameras such as a local security camera, smartphone camera or a webcam. We present related work and discuss the technical and scientific background of this covert channel. We examined the channel's boundaries under various parameters, with different types of computer and TV screens, and at several distances. We also tested different types of camera receivers to demonstrate the covert channel. Lastly, we present relevant countermeasures to this type of attack.

[1]  Mordechai Guri,et al.  Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack , 2017, ACM Trans. Intell. Syst. Technol..

[2]  Mordechai Guri,et al.  AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies , 2014, 2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE).

[3]  Mordechai Guri,et al.  MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields , 2018, Future Gener. Comput. Syst..

[4]  Mordechai Guri,et al.  ODINI: Escaping Sensitive Data From Faraday-Caged, Air-Gapped Computers via Magnetic Fields , 2018, IEEE Transactions on Information Forensics and Security.

[5]  Mordechai Guri,et al.  xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs , 2018, 2018 16th Annual Conference on Privacy, Security and Trust (PST).

[6]  Mordechai Guri,et al.  GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies , 2015, USENIX Security Symposium.

[7]  Jan H. P. Eloff,et al.  An overview of image steganography , 2005, ISSA.

[8]  Mordechai Guri,et al.  LCD TEMPEST Air-Gap Attack Reloaded , 2018, 2018 IEEE International Conference on the Science of Electrical Engineering in Israel (ICSEE).

[9]  Przemyslaw Mazurek,et al.  Optimization of Demodulation for Air-Gap Data Transmission Based on Backlight Modulation of Screen , 2019, ICCS.

[10]  Joe Loughry Optical TEMPEST , 2018, 2018 International Symposium on Electromagnetic Compatibility (EMC EUROPE).

[11]  Mordechai Guri,et al.  CTRL-ALT-LED: Leaking Data from Air-Gapped Computers Via Keyboard LEDs , 2019, 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC).

[12]  Diego F. Aranha,et al.  Platform-agnostic Low-intrusion Optical Data Exfiltration , 2017, ICISSP.

[13]  Luke Deshotels,et al.  Inaudible Sound as a Covert Channel in Mobile Devices , 2014, WOOT.

[14]  Mordechai Guri,et al.  Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise ('DiskFiltration') , 2017, ESORICS.

[15]  David A. Umphress,et al.  Information leakage from optical emanations , 2002, TSEC.

[16]  Sung-Yoon Jung,et al.  Implementation of two-dimensional display field communications for enhancing the achievable data rate in smart-contents transmission , 2018, Displays.

[17]  Mordechai Guri,et al.  An optical covert-channel to leak data through an air-gap , 2016, 2016 14th Annual Conference on Privacy, Security and Trust (PST).

[18]  Sung-Yoon Jung,et al.  Display Field Communication: Fundamental Design and Performance Analysis , 2015, Journal of Lightwave Technology.

[19]  Ramesh Karri,et al.  Process-Aware Covert Channels Using Physical Instrumentation in Cyber-Physical Systems , 2018, IEEE Transactions on Information Forensics and Security.

[20]  Mordechai Guri,et al.  BitWhisper: Covert Signaling Channel between Air-Gapped Computers Using Thermal Manipulations , 2015, 2015 IEEE 28th Computer Security Foundations Symposium.

[21]  Arash Habibi Lashkari,et al.  Shoulder Surfing attack in graphical password authentication , 2009, ArXiv.

[22]  Nenghai Yu,et al.  Potential risk of IoT device supporting IR remote control , 2019, Comput. Networks.

[23]  Qian Zhang,et al.  NICScatter: Backscatter as a Covert Channel in Mobile Devices , 2017, MobiCom.

[24]  Mordechai Guri,et al.  PowerHammer: Exfiltrating Data From Air-Gapped Computers Through Power Lines , 2018, IEEE Transactions on Information Forensics and Security.

[25]  Hirotsugu Yamamoto,et al.  Development of 480-fps LED display by use of spatiotemporal mapping , 2012, 2012 IEEE Industry Applications Society Annual Meeting.

[26]  Weiming Zhang,et al.  Data Exfiltration via Multipurpose RFID Cards and Countermeasures , 2019, ArXiv.

[27]  G B Arden,et al.  The Visual System , 2021, AMA Guides to the Evaluation of Permanent Impairment, 6th Edition, 2021.

[28]  Carlisle M. Adams,et al.  On Acoustic Covert Channels Between Air-Gapped Systems , 2014, FPS.

[29]  Yu Zhang,et al.  When does the hidden butterfly not flicker? , 2014, SIGGRAPH ASIA Technical Briefs.

[30]  Mordechai Guri,et al.  LED-it-GO: Leaking (A Lot of) Data from Air-Gapped Computers via the (Small) Hard Drive LED , 2017, DIMVA.

[31]  Guobin Shen,et al.  InFrame: Multiflexing Full-Frame Visible Communication Channel for Humans and Devices , 2014, HotNets.

[32]  Mordechai Guri,et al.  USBee: Air-gap covert-channel via electromagnetic emission from USB , 2016, 2016 14th Annual Conference on Privacy, Security and Trust (PST).

[33]  Jie Wang,et al.  Demonstration of a covert camera-screen communication system , 2017, 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC).

[34]  Michael Hanspach,et al.  On Covert Acoustical Mesh Networks in Air , 2014, J. Commun..

[35]  Mordechai Guri,et al.  aIR-Jumper: Covert Air-Gap Exfiltration/Infiltration via Security Cameras & Infrared (IR) , 2017, Comput. Secur..

[36]  Chaouki Kasmi,et al.  Air-gap Limitations and Bypass Techniques: “Command and Control” using Smart Electromagnetic Interferences , 2016 .

[37]  Emal Pasarly Time , 2011, Encyclopedia of Evolutionary Psychological Science.

[38]  Kevin Curran,et al.  Digital image steganography: Survey and analysis of current methods , 2010, Signal Process..

[39]  Mordechai Guri,et al.  Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers , 2016, ArXiv.

[40]  Ashwin Ashok,et al.  Dynamic and invisible messaging for visual MIMO , 2012, 2012 IEEE Workshop on the Applications of Computer Vision (WACV).

[41]  Markus G. Kuhn,et al.  Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations , 1998, Information Hiding.

[42]  Tianxing Li,et al.  Real-Time Screen-Camera Communication Behind Any Scene , 2015, MobiSys.