CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives
| Title | CD-LEAK: Leaking Secrets from Audioless Air-Gapped Computers Using Covert Acoustic Signals from CD/DVD Drives |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Guri, M. |
| Conference Name | 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC) |
| Date Published | July 2020 |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-7303-0 |
| Keywords | acoustic, acoustic signal detection, acoustical characteristics, Acoustics, air gap, Air gaps, air-gapped environment, air-gapped networks, audioless air-gapped computers, CD-LEAK, composability, compromised computer, computer network security, computer speakers, Computers, covert acoustic signals, covert channels, data modulation, Demodulation, demodulation algorithms, digital versatile discs, Drives, exfiltration, Human Behavior, human factors, Internet, invasive software, loudspeakers, Malware, Metrics, nearby Internet connected receiver, novel acoustic covert channel, optical drives, optical modulation, optical receivers, process sensitive information, pubcrawl, resilience, Resiliency, signal generation, smart phones |
| Abstract | Air-gapped networks are isolated from the Internet, since they store and process sensitive information. It has been shown that attackers can exfiltrate data from air-gapped networks by sending acoustic signals generated by computer speakers, however this type of covert channel relies on the existence of loudspeakers in the air-gapped environment. In this paper, we present CD-LEAK - a novel acoustic covert channel that works in constrained environments where loudspeakers are not available to the attacker. Malware installed on a compromised computer can maliciously generate acoustic signals via the optical CD/DVD drives. Binary information can then be modulated over the acoustic signals and be picked up by a nearby Internet connected receiver (e.g., a workstation, hidden microphone, smartphone, laptop, etc.). We examine CD/DVD drives and discuss their acoustical characteristics. We also present signal generation and detection, and data modulation and demodulation algorithms. Based on our proposed method, we developed a transmitter and receiver for PCs and smartphones, and provide the design and implementation details. We examine the channel and evaluate it on various optical drives. We also provide a set of countermeasures against this threat - which has been overlooked. |
| URL | https://ieeexplore.ieee.org/document/9202547 |
| DOI | 10.1109/COMPSAC48688.2020.0-163 |
| Citation Key | guri_cd-leak_2020 |
- novel acoustic covert channel
- Drives
- exfiltration
- Human behavior
- Human Factors
- internet
- invasive software
- loudspeakers
- malware
- Metrics
- nearby Internet connected receiver
- digital versatile discs
- optical drives
- optical modulation
- optical receivers
- process sensitive information
- pubcrawl
- resilience
- Resiliency
- signal generation
- smart phones
- composability
- acoustic signal detection
- acoustical characteristics
- Acoustics
- air gap
- Air gaps
- air-gapped environment
- air-gapped networks
- audioless air-gapped computers
- CD-LEAK
- acoustic
- compromised computer
- computer network security
- computer speakers
- Computers
- covert acoustic signals
- covert channels
- data modulation
- Demodulation
- demodulation algorithms