Data Exfiltration from Air-Gapped Computers based on ARM CPU
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2018, Vol 9, Issue 1
Abstract
Air-gapped Network is a network isolated from public networks. Several techniques of data exfiltration from air-gapped networks have been recently proposed. Air-gap malware is a malware that breaks the isolation of an air-gapped computer using air-gap covert channels, which extract information from air-gapped computers running on air-gap networks. Guri et al. presented an air-gap malware “GSMem”, which can exfiltrate data from air-gapped computers over GSM frequencies, 850 MHz to 900MHz. GSMem makes it possible to send data using the radio waves leaked out from the system bus between CPU and RAM. It generates binary amplitude shift keying (B-ASK) modulated waves with x86 SIMD instruction. In order to efficiently emit electromagnetic waves from the system-bus, it is necessary to access the RAM without being affected by the CPU caches. GSMem adopts an instruction that writes data without accessing CPU cache in Intel CPU. This paper proposes an air-gap covert channel for computers based on ARM CPU, which includes a software algorithm that can effectively cause cache misses. It is also a technique to use NEON instructions and transmit B-ASK modulated data by radio waves radiated from ARM based computer (e.g. Raspberry Pi 3). The experiment shows that the proposed program sends binary data using radio waves (about 1000kHz ~ 1700kHz) leaked out from system-bus between ARM CPU and RAM. The program can also run on Android machines based on ARM CPU (e.g. ASUS Zenpad 3S 10 and OnePlus 3).
Authors and Affiliations
Kenta Yamamoto, Miyuki Hirose, Taiichi Saito
Keywords
Related Articles
- EP ID EP261527
- DOI 10.14569/IJACSA.2018.090125
- Views 95
- Downloads 0
An Efficient Protocol using Fuzzy Logic and Grids with Two-Dimensional Techniques for Saving Energy in WSN
This work proposes an energy-saving protocol for wireless sensor networks (WSNs) using fuzzy logic and grids with two-dimensional techniques, namely, gravity and energy centers, to address the pressing issue of energy ef...
Deep Learning-Based Recommendation: Current Issues and Challenges
Due to the revolutionary advances of deep learning achieved in the field of image processing, speech recognition and natural language processing, the deep learning gains much attention. The recommendation task is influen...
SentiTFIDF – Sentiment Classification using Relative Term Frequency Inverse Document Frequency
Sentiment Classification refers to the computational techniques for classifying whether the sentiments of text are positive or negative. Statistical Techniques based on Term Presence and Term Frequency, using Support Vec...
Comparative Analysis of Support Vector Machine, Maximum Likelihood and Neural Network Classification on Multispectral Remote Sensing Data
Land cover classification is an essential process in many remote sensing applications. Classification based on supervised methods have been preferred by many due to its practicality, accuracy and objectivity compared to...
An Information Theoretic Analysis of Random Number Generator based on Cellular Automaton
Realization of Randomness had always been a controversial concept with great importance both from theoretical and practical Perspectives. This realization has been revolutionized in the light of recent studies especially...