Information leakage through covert channels is a growing and persistent threat, even for physical perimeters considered as highly secure. We study a new approach for data exfiltration using a malicious storage device which subtly transmits data through blinking infrared LEDs. This approach could be used by an attacker trying to leak sensitive data stored in the device, such as credentials, cryptographic keys or a small classified document. An ideal application for this approach is when an attacker is capable of sneaking a malicious device inside a protected perimeter and has remote control over a camera inside such perimeter. The device can then collect information and transmit directly to the attacker, without the need of recovering the device to obtain the captured information, erase evidence or prevent a forensic investigation. We discuss techniques for improving communication efficiency up to 15 bits per second per LED, and possible countermeasures for mitigation.
Platform-agnostic Low-intrusion Optical Data Exfiltration (PDF Download Available). Available from: https://www.researchgate.net/publication/313887410_Platform-agnostic_Low-intrusion_Optical_Data_Exfiltration [accessed Nov 04 2017].
https://www.researchgate.net/publication/313887410_Platform-agnostic_Low-intrusion_Optical_Data_Exfiltration
Platform-agnostic Low-intrusion Optical Data Exfiltration (PDF Download Available). Available from: https://www.researchgate.net/publication/313887410_Platform-agnostic_Low-intrusion_Optical_Data_Exfiltration [accessed Nov 04 2017].
https://www.researchgate.net/publication/313887410_Platform-agnostic_Low-intrusion_Optical_Data_Exfiltration
No comments:
Post a Comment