Abstract

In this paper, we evaluate an optical covert channel in which sensitive information (textual or binary) is exfiltrated from air-gapped computers through the LCD screen. Our experiments show that low contrast and fast blinking images which are invisible to human subjects, can be recovered from photos taken by a local camera. Consequentially, we show that malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys, passwords), and project it onto a computer LCD screen, invisible and unbeknownst to users. An attacker can reconstruct the hidden data using a photo taken by a local camera. In order to demonstrate the feasibility of this type of attack and evaluate the channel's stealth, we conducted a battery of tests with 40 users. We also examined the channel’s boundaries under various parameters, with different types of encoded objects, at several distances, and using several kinds of cameras.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.