Data Sniffing Over Airgaps AVNI SINGH GARIMA MAITHANI
- Slides: 29
Data Sniffing Over Airgaps AVNI SINGH GARIMA MAITHANI
AGENDA What is Airgap? Need for Airgap Attack Vectors Case Studies Mitigation 2
What is Airgap? 4
Remember this scene of the movie: - Mission Impossible 5
Major Applications ✘ Military computer systems and networks ✘ Government computer systems and networks ✘ Financial computer systems and networks ✘ Industrial control systems ✘ Life-critical systems 6
How secure is it? ? 7
8
Airgap Attack Vectors Magnetic Physical Media Acoustic Thermal Electromagnetic Light 9
EXFILTRATION THROUGH PHYSICAL MEDIA 1. 2. 3. Oldest form USB Flash drives Most common and well known example is Stuxnet 10
ACOUSTIC COVERT CHANNEL 1. ACOUSTIC: The term means hearing. 2. Noise emitted by computers (Printers, cooling fans, capacitors at keyboard, etc. )
ELECTROMAGNETIC COVERT CHANNEL • • • Few common examples are: - Airhoppers and GSMem It’s the most common channel known. Bell Labs originally noted this vulnerability back in WWII when Bell Telephone provided the military an encryption device called a 131 -B 2. They had one working in their laboratories when, by accident, someone noticed that each time the machine stepped, a spike would appear on an oscilloscope in a distant part of the lab. They studied these spikes more carefully and found out that they could read the plain text of the message being ciphered by the machine. 12
LIGHT COVERT CHANNEL
THERMAL COVERT CHANNEL 1. 2. 3. All electronic devices generate excess heat and require thermal management to improve reliability and prevent premature failure. Computers are no exception. This is usually done with fans and we’ve already seen how they can be abused to provide an exfiltration channel. Changes in temperature are shown to be an effective, albeit painfully slow, data channel. 14
CASE STUDY 1 Sniffing data of an HDMI cable through RF leaks 15
Tools required Software • SDR# • Tempest. SDR Hardware • Antenna: Hack. RF One/Yard Stick One/ RTL SDR 16
Setting up Hack. RF one by installing relevant drivers 17
Setting up the config file of SDR# to make it work with Hack. RF One 18
Hit Play and collect noises from surroundings 19
Waterfall of noises gathered 20
Setup Tempest. SDR to work with Hack. RF 21
Calibrate Tempest. SDR to work with Hack. RF 22
Image starts forming 23
CASE STUDY 2 Sniffing energy levels to guess cryptographic algorithms 24
Which cryptographic algorithm is it? 25
Which cryptographic algorithm is it? 26
Mitigation Techniques • Masking of signal • Faradays cage like setup • Shielding mechanisms 27
THANKS! Any questions? You can find us at Linkedin Profile: -Garima Maithani Twitter Handle: - @avnisingh_s 28
References and Credits https: //www. thesslstore. com/blog/air-gapped-computer/ https: //hackaday. com/2017/02/02/hacking-the-aether/ https: //i. blackhat. com/us-18/Wed-August-8/us-18 -Guri-Air. Gap. pdf Anush Swaminathan Stephan Picek : Case study 2 https: //images. app. goo. gl/Hok 2887 Mcs. ZSew 1 a 8 https: //images. app. goo. gl/85 u. Hypj 1 ne 6 za. Axy 6 29
- Aluyare
- Garima tiwari model
- Raj birk
- Avni ponari
- Cormack lehane grading
- Dr avni fetahu
- Larynxmask
- Kliometri
- Vareculla
- Dorit avni
- Endotracheal intubation indications
- Sniffing position intubation
- Lesson 28: sniffing around molecular formulas answer key
- Xenia audio delay
- Sniffing
- Sniffing
- Bed bug sniffing dogs nj
- Sniffing position
- Gambaran ekg hipokalemia
- Sniffing position para intubação
- Browser sniffing
- Javachive
- Over the mountain over the plains
- Siach reciting the word over and over
- Taking over navigational watch
- Sandeep singh jolly
- Yatindra nath singh
- Singh song context
- Alankrita singh ips
- Dr ajit singh