MAGNETO: Covert channel between air-gapped systems and nearby smartphones via CPU-generated magnetic fields

Guri, Mordechai

doi:10.1016/j.future.2020.08.045

Cited by 33 publications

(14 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They can be exploited by the attackers to exfiltrate information from isolated and non-networked computers. MAGNETO [35] is a proposal of covert communication about air-gapped systems and nearby smartphones via magnetic fields generated from the CPU. The magnetic signals can be generated from the computers changing the CPU workload, but this covert channel works only for short distances and with low transmission rate.…”

Section: State-of-the-art Literaturementioning

confidence: 99%

Detecting Colluding Inter-App Communication in Mobile Environment

et al. 2020

View full text Add to dashboard Cite

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method.

show abstract

Section: State-of-the-art Literaturementioning

confidence: 99%

Detecting Colluding Inter-App Communication in Mobile Environment

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Their use in networks protocols was one common application [7] and they have been specially applied in air-gapped computers, that is devices isolated from public or insecure networks. In this vein, a wide array of approaches have been proposed - [8] presents a malware to exfiltrate data through cellular GSM frequencies; [9] through the blinking pattern of keyboard LEDs; [3] through electric emissions on power lines; [4] through the magnetic fields of computers, using a smartphone to receive the covert signals with its magnetic sensor; [10] through the speakers of a computer considering acoustic signals emitted from its hard drive; [11] through the LED of a computer hard drive; [12] through blinking infrarred LEDs of computer devices; [13] through LEDs located in network equipments such as switches or routers; [6] through vibrations by controlling the fan speed of a computer; and [14] through the turn of power supplies into speakers by manipulating their internal switching frequency. With the same purpose but not focusing on air-gapped devices, [15] proposes the use of electromagnetic signals as a covert channel between a laptop and a smartphone.…”

Section: Related Workmentioning

confidence: 99%

“…In essential infrastructures and other corporate environments with highly sensitive information, it is common to have air-gapped systems, that is, computing devices with no network connection. As a result, a great amount of networkless covert channels have been proposed (e.g., [3], [4]).…”

Section: Introductionmentioning

confidence: 99%

SmartLED: Smartphone-Based Covert Channels Leveraging the Notification LED

González-Manzano

Bernardez

Fuentes

2020

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

View full text Add to dashboard Cite

The widespread adoption of smartphones make them essential in daily routines. Thus, they can be used to create a covert channel without raising suspicions. To avoid detection, networkless communications are preferred. In this paper, we propose SmartLED, a mechanism to build covert channels leveraging a widely available smartphone feature -its notification LED. The secret is encoded through LED blinks using Manhattan encoding. SmartLED is assessed in real-world indoor and outdoor scenarios, considering different distances up to 5 meters. Our results show that the best performance is achieved in dark settings -34.8 s. are needed to exfiltrate a 7-byte password to a distance of 1 m. Remarkably, distance does not cause a great impact on effective transmission time and shorter blinks do not lead to substantially greater transmission errors.

show abstract

“…Intentional security flaws can be used to provide a backdoor to the system or to leak crucial security information (for example, cryptographic keys). For such an application, even a very low bandwidth provided by covert channels can be a severe security threat [ 5 , 6 ]. Sometimes, an intentionally introduced hidden undocumented protocol is provided for valuable purposes such as emergency control protocol, covert authentication, and cryptographic key exchange.…”

Section: Introductionmentioning

confidence: 99%

StegoFrameOrder—MAC Layer Covert Network Channel for Wireless IEEE 802.11 Networks

Sawicki

Bieszczad

Piotrowski

2021

Sensors

View full text Add to dashboard Cite

The proposed StegoFrameOrder (SFO) method enables the transmission of covert data in wireless computer networks exploiting non-deterministic algorithms of medium access (such as the distributed coordination function), especially in IEEE 802.11 networks. Such a covert channel enables the possibility of leaking crucial information outside secured network in a manner that is difficult to detect. The SFO method embeds hidden bits of information in the relative order of frames transmitted by wireless terminals operating on the same radio channel. The paper presents an idea of this covert channel, its implementation, and possible variants. The paper also discusses implementing the SFO method in a real environment and the experiments performed in the real-world scenario.

show abstract

MAGNETO: Covert channel between air-gapped systems and nearby smartphones via CPU-generated magnetic fields

Cited by 33 publications

References 31 publications

Detecting Colluding Inter-App Communication in Mobile Environment

Detecting Colluding Inter-App Communication in Mobile Environment

SmartLED: Smartphone-Based Covert Channels Leveraging the Notification LED

StegoFrameOrder—MAC Layer Covert Network Channel for Wireless IEEE 802.11 Networks

Contact Info

Product

Resources

About