POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers
arXiv - CS - Cryptography and Security Pub Date : 2020-05-01 , DOI: arxiv-2005.00395
Mordechai Guri

It is known that attackers can exfiltrate data from air-gapped computers through their speakers via sonic and ultrasonic waves. To eliminate the threat of such acoustic covert channels in sensitive systems, audio hardware can be disabled and the use of loudspeakers can be strictly forbidden. Such audio-less systems are considered to be audio-gapped, and hence immune to acoustic covert channels. In this paper, we introduce a technique that enables attackers to leak data acoustically from air-gapped and audio-gapped systems. Our developed malware can exploit the computer power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker with limited capabilities. The malicious code manipulates the internal switching frequency of the power supply and hence controls the sound waveforms generated from its capacitors and transformers. Our technique enables producing audio tones in a frequency band of 0-24 kHz and playing audio streams (e.g., WAV) from a computer power supply without the need for audio hardware or speakers. Binary data (files, keylogging, encryption keys, etc.) can be modulated over the acoustic signals and sent to a nearby receiver (e.g., smartphone). We show that our technique works with various types of systems: PC workstations and servers, as well as embedded systems and IoT devices that have no audio hardware at all. We provide technical background and discuss implementation details such as signal generation and data modulation. We show that the POWER-SUPPLaY code can operate from an ordinary user-mode process and doesn't need any hardware access or special privileges. Our evaluation shows that using POWER-SUPPLaY, sensitive data can be exfiltrated from air-gapped and audio-gapped systems from a distance of five meters at a maximal bit rate of 50 bit/sec.

Updated: 2020-05-04