Biblio

Air-gapped networks are isolated from the Internet, since they store and process sensitive information. It has been shown that attackers can exfiltrate data from air-gapped networks by sending acoustic signals generated by computer speakers, however this type of covert channel relies on the existence of loudspeakers in the air-gapped environment. In this paper, we present CD-LEAK - a novel acoustic covert channel that works in constrained environments where loudspeakers are not available to the attacker. Malware installed on a compromised computer can maliciously generate acoustic signals via the optical CD/DVD drives. Binary information can then be modulated over the acoustic signals and be picked up by a nearby Internet connected receiver (e.g., a workstation, hidden microphone, smartphone, laptop, etc.). We examine CD/DVD drives and discuss their acoustical characteristics. We also present signal generation and detection, and data modulation and demodulation algorithms. Based on our proposed method, we developed a transmitter and receiver for PCs and smartphones, and provide the design and implementation details. We examine the channel and evaluate it on various optical drives. We also provide a set of countermeasures against this threat - which has been overlooked.

Indoor localization has been a popular research subject in recent years. Usually, object localization using sound involves devices on the objects, acquiring data from stationary sound sources, or by localizing the objects with external sensors when the object generates sounds. Indoor localization systems using microphones have traditionally also used systems with several microphones, setting the limitations on cost efficiency and required space for the systems. In this paper, the goal is to investigate whether it is possible for a stationary system to localize a silent object in a room, with only one microphone and ambient noise as information carrier. A subtraction method has been combined with a fingerprint technique, to define and distinguish the noise absorption characteristic of the silent object in the frequency domain for different object positions. The absorption characteristics of several positions of the object is taken as comparison references, serving as fingerprints of known positions for an object. With the experiment result, the tentative idea has been verified as feasible, and noise signal based lateral localization of silent objects can be achieved.

As the ocean covers 70% of the Earth's surface, it becomes inevitable to develop or extend underwater applications. Compared to Visible Light medium, Acoustic medium has been widely used to transmit the data from source to destination in underwater communication. Data transmission, however, has the limitation such as propagation delay, reliability, power constraints, etc. Although underwater MAC protocols have been developed to overcome these challenges, there are still some drawbacks due to the harsh underwater environment. Therefore, the selection mechanism for underwater multi-media communication is proposed inside Medium Access Control (MAC) layer. In this paper, the main focus is to select the appropriate medium based on the distance between nodes and transmission power. The result of performance evaluation shows that this multimedia approach can complement the existing underwater single medium communication. As a result, underwater multimedia mechanism increases the reliability and energy efficiency in data transmission.

Cyber-physical systems (CPS) are interconnections of heterogeneous hardware and software components (e.g., sensors, actuators, physical systems/processes, computational nodes and controllers, and communication subsystems). Increasing network connectivity of CPS computational nodes facilitates maintenance and on-demand reprogrammability and reduces operator workload. However, such increasing connectivity also raises the potential for cyber-attacks that attempt unauthorized modifications of run-time parameters or control logic in the computational nodes to hamper process stability or performance. In this paper, we analyze the effectiveness of real-time monitoring using digital and analog side channels. While analog side channels might not typically provide sufficient granularity to observe each iteration of a periodic loop in the code in the CPS device, the temporal averaging inherent to side channel sensory modalities enables observation of persistent changes to the contents of a computational loop through their resulting effect on the level of activity of the device. Changes to code can be detected by observing readings from side channel sensors over a period of time. Experimental studies are performed on an ARM-based single board computer.