Visible to the public HOTSPOT: Crossing the Air-Gap Between Isolated PCs and Nearby Smartphones Using Temperature

TitleHOTSPOT: Crossing the Air-Gap Between Isolated PCs and Nearby Smartphones Using Temperature
Publication TypeConference Paper
Year of Publication2019
AuthorsGuri, Mordechai
Conference Name2019 European Intelligence and Security Informatics Conference (EISIC)
KeywordsAir gaps, air-gap, air-gap covert communication channels, air-gapped computers, air-gapped PCs, airgap crossing technique, Android (operating system), Android app, composability, computer network security, covert-channels, CPUs, exfiltration, GPUs, HOTSPOT, Human Behavior, human factors, information leakage, Internet, isolated PCs, Metrics, mobile computing, nearby smartphone, pubcrawl, resilience, Resiliency, smart phones, smartphones, temperature, thermal, thermal pings, thermal sensing, thermal signals
AbstractAir-gapped computers are hermetically isolated from the Internet to eliminate any means of information leakage. In this paper we present HOTSPOT - a new type of airgap crossing technique. Signals can be sent secretly from air-gapped computers to nearby smartphones and then on to the Internet - in the form of thermal pings. The thermal signals are generated by the CPUs and GPUs and intercepted by a nearby smartphone. We examine this covert channel and discuss other work in the field of air-gap covert communication channels. We present technical background and describe thermal sensing in modern smartphones. We implement a transmitter on the computer side and a receiver Android App on the smartphone side, and discuss the implementation details. We evaluate the covert channel and tested it in a typical work place. Our results show that it possible to send covert signals from air-gapped PCs to the attacker on the Internet through the thermal pings. We also propose countermeasures for this type of covert channel which has thus far been overlooked.
Citation Keyguri_hotspot_2019