Various threat models to circumvent air-gapped systems for preventing network attack

Eunchong Lee, Hyunsoo Kim, Ji Won Yoon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Citations (Scopus)

Abstract

In order to prevent incidents related with information leakage, many enterprises and organizations have installed an air-gapped system. The system is used for separating their own network from a public network such as the Internet. However, researchers have demonstrated possibilities that the air-gapped system can be inactivated by attackers, especially about their advanced attacks with various covert channels. In this paper, we analyzed how much the information could be leaked via the covert channel. We conducted experiments about data communication between a speaker and a microphone which are regarded as a conventional acoustic covert channel. At the same time, we also had expanded the attack scenario into an environment without any microphone. That is, we tested whether the critical information could be leaked and transferred via two loud-speakers as a limited environment where the air-gapped system. Finally, it is shown that the speaker based covert network can be effectively expanded to centrally controlled embedded loudspeakers which have not been considered in a conventional acoustic covert channel.

Original languageEnglish
Title of host publicationInformation Security Applications - 16th International Workshop, WISA 2015, Revised Selected Papers
EditorsDooho Choi, Ho-Won Kim
PublisherSpringer Verlag
Pages187-199
Number of pages13
ISBN (Print)9783319318745
DOIs
Publication statusPublished - 2016
Event16th International Workshop on Information Security Applications, WISA 2015 - Jeju Island, Korea, Republic of
Duration: 2015 Aug 202015 Aug 22

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9503
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other16th International Workshop on Information Security Applications, WISA 2015
Country/TerritoryKorea, Republic of
CityJeju Island
Period15/8/2015/8/22

Bibliographical note

Funding Information:
This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT and Future Planning (NRF-2013R1A1A1012797)

Publisher Copyright:
© Springer International Publishing Switzerland 2016.

Keywords

  • Acoustic covert channel communication
  • Air-gap malware
  • Malware communication

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Various threat models to circumvent air-gapped systems for preventing network attack'. Together they form a unique fingerprint.

Cite this