Exfiltration of Data from Air-gapped Networks via Unmodulated LED Status Indicators
This work addresses a security vulnerability in air-gapped networks: covert data leakage through LEDs previously considered non-exploitable. The contribution is incremental, as it builds on prior work.
The paper tackles the problem of exfiltrating data from air-gapped networks by modulating unmodulated LED status indicators using binary frequency shift keying (B-FSK) instead of on-off keying (OOK), resulting in improved imperceptibility of covert communication.
The light-emitting diode (LED) is widely used as an indicator on information devices. As early as 2002, Loughry et al. studied exfiltration via LED indicators and found that LEDs which are unmodulated and only indicate some state of the device can hardly be used to establish covert channels. In our paper, a novel approach is proposed to modulate this kind of LED. We use binary frequency shift keying (B-FSK) to replace on-off keying (OOK) in modulation. To verify its validity, we implement a prototype of an exfiltration malware. Our experiments show a great improvement in the imperceptibility of covert communication. It is feasible to leak data covertly from air-gapped networks via unmodulated LED status indicators.
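The following is an added example, not code from the paper. It simulates a photodiode trace of a status LED to show, from the monitoring side, that B-FSK with 50%-duty blinking keeps the per-symbol average brightness constant where OOK does not, and that a Goertzel filter can both recover the two tones and flag a supposedly steady LED that carries them. The sample rate, tone frequencies, symbol length and detection threshold are assumed values; the paper's parameters are not given here.

```python
import math

# Assumed parameters (the page gives none): sample rate, the two tones, symbol length.
FS, F0, F1, SYM = 2000, 100, 200, 0.1
N = int(FS * SYM)  # samples per symbol

def square(freq, n):
    """Constructed photodiode trace of a 50%-duty blink: 1.0 lit, 0.0 dark."""
    return [1.0 if (2 * i * freq // FS) % 2 == 0 else 0.0 for i in range(n)]

def bfsk(bits):
    """B-FSK: every bit blinks, only the blink rate differs."""
    return [s for b in bits for s in square(F1 if b else F0, N)]

def ook(bits):
    """OOK: the LED is simply lit for 1 and dark for 0."""
    return [float(b) for b in bits for _ in range(N)]

def symbol_means(trace):
    """Average brightness per symbol, roughly what a slow observer perceives."""
    return [sum(trace[i:i + N]) / N for i in range(0, len(trace), N)]

def goertzel(window, freq):
    """Signal power at one frequency (single-bin DFT)."""
    c = 2.0 * math.cos(2.0 * math.pi * freq / FS)
    s1 = s2 = 0.0
    for x in window:
        s1, s2 = x + c * s1 - s2, s1
    return s1 * s1 + s2 * s2 - c * s1 * s2

def demod(trace):
    """Recover bits by comparing tone power in each symbol window."""
    wins = [trace[i:i + N] for i in range(0, len(trace), N)]
    return [1 if goertzel(w, F1) > goertzel(w, F0) else 0 for w in wins]

def looks_modulated(trace, floor=0.05):
    """Monitor check: does a supposedly steady LED carry tone energy in 50-500 Hz?"""
    for i in range(0, len(trace), N):
        w = trace[i:i + N]
        dc = sum(w) ** 2 or 1.0  # avoid dividing by zero on a dark window
        if max(goertzel(w, f) for f in range(50, 501, 10)) / dc > floor:
            return True
    return False

if __name__ == "__main__":
    bits = [1, 0, 1, 1, 0]  # constructed sample payload
    print(symbol_means(ook(bits)), symbol_means(bfsk(bits)))
    print(demod(bfsk(bits)), looks_modulated(bfsk(bits)), looks_modulated([1.0] * 5 * N))
```

The band scan in `looks_modulated` only sees flicker inside the assumed 50-500 Hz range at the assumed sample rate; a real monitor would have to sample fast enough to cover whatever blink rates the LED hardware can reach.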