Information Leakage behind the Curtain: Abusing Anti-EMI Features for Covert Communication

Language
en
Document Type
Report
Issue Date
2016-07-27
Issue Year
2016
Authors
Bauer, Johannes
Schinzel, Sebastian
Freiling, Felix
Dewald, Andreas
Editor
Abstract

We present a new class of covert channels which can be created by utilizing common hardware but that cannot be detected by such. Our idea is to abuse anti-EMI features of a processor to create a covert channel on the physical layer. Thus, the sender uses the invariants in how digital signals are encoded over analog channels to covertly transport information. This leaked data is present on the wire-bound connections of the compromised device, but is also by definition present in the vicinity of the device and can be picked up by radio equipment. As the covert channel is present only on the physical layer, the data on all layers above, as well as the timing behavior on those layers, is indistinguishable from uncompromised devices. We present two example implementations of such channels using RS-232 as the carrier and use a common oscilloscope to decode the resulting covert channel. Using this setup, we observed symbol rates of around 5 baud. We derive the theoretical upper bound of the covert channel's bandwidth and discuss the factors by which it is influenced.

Series
Technical reports / Department Informatik
Series Nr.
CS-2016-03
DOI
Faculties & Collections
Associated ORCIDs