PowerHammer: Exfiltrating Data From Air-Gapped Computers Through Power Lines

Guri, Mordechai; Zadov, Boris; Bykhovsky, Dima; Elovici, Yuval

doi:10.1109/tifs.2019.2952257

Cited by 48 publications

(45 citation statements)

References 54 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Guri et al [33], as well as Islam and Ren [45] demonstrated that current and voltage, respectively, can be monitored and influenced to build covert channels, e.g., in cloud environments. However, both works assume an attacker with hardware equipment connected to the device.…”

Section: A Related Workmentioning

confidence: 99%

PLATYPUS: Software-based Power Side-Channel Attacks on x86

Lipp

Kogler

Oswald

et al. 2021

2021 IEEE Symposium on Security and Privacy (SP)

101

View full text Add to dashboard Cite

Where a licence is displayed above, please note the terms and conditions of the licence govern your use of this document.When citing, please reference the published version. Take down policyWhile the University of Birmingham exercises care and attention in making items available there are rare occasions when an item has been uploaded in error or has been deemed to be commercially or otherwise sensitive.

show abstract

Section: A Related Workmentioning

confidence: 99%

PLATYPUS: Software-based Power Side-Channel Attacks on x86

Lipp

Kogler

Oswald

et al. 2021

2021 IEEE Symposium on Security and Privacy (SP)

101

View full text Add to dashboard Cite

show abstract

“…It is well-known that data-dependent power consumption can be used to recover cryptographic keys through differential power analysis and other techniques by acquiring and analyzing power traces [23]. The same principles can be applied to create covert communication, for example from a malware app on a phone to a malicious USB charger [33], or from a program that modulates CPU utilization to an attacker measuring the current consumption of the computer [17]. Similarly, measuring voltage ripple on the power lines can be used to track the power usage pattern of other data center tenants [20].…”

Section: B Power and Temperature Covert Channelsmentioning

confidence: 99%

C³APSULe: Cross-FPGA Covert-Channel Attacks through Power Supply Unit Leakage

Giechaskiel

Rasmussen

Szefer

2020

2020 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Field-Programmable Gate Arrays (FPGAs) are versatile, reconfigurable integrated circuits that can be used as hardware accelerators to process highly-sensitive data. Leaking this data and associated cryptographic keys, however, can undermine a system's security. To prevent potentially unintentional interactions that could break separation of privilege between different data center tenants, FPGAs in cloud environments are currently dedicated on a per-user basis. Nevertheless, while the FPGAs themselves are not shared among different users, other parts of the data center infrastructure are. This paper specifically shows for the first time that powering FPGAs, CPUs, and GPUs through the same power supply unit (PSU) can be exploited in FPGA-to-FPGA, CPU-to-FPGA, and GPU-to-FPGA covert channels between independent boards. These covert channels can operate remotely, without the need for physical access to, or modifications of, the boards. To demonstrate the attacks, this paper uses a novel combination of "sensing" and "stressing" ring oscillators as receivers on the sink FPGA. Further, ring oscillators are used as transmitters on the source FPGA. The transmitting and receiving circuits are used to determine the presence of the leakage on off-the-shelf Xilinx boards containing Artix 7 and Kintex 7 FPGA chips. Experiments are conducted with PSUs by two vendors, as well as CPUs and GPUs of different generations. Moreover, different sizes and types of ring oscillators are also tested. In addition, this work discusses potential countermeasures to mitigate the impact of the cross-board leakage. The results of this paper highlight the dangers of shared power supply units in local and cloud FPGAs, and therefore a fundamental need to rethink FPGA security for shared infrastructures.

show abstract

“…In [22], authors proposed a malware named PowerHammer that uses power lines to exfiltrate sensitive data from a compromised air-gapped computer. An airgapped computer is a computer located in a secured network/environment for which comprehensive security measures are taken into account to maintain both physical and logical separation from less secured computer/environment/networks.…”

Section: B Traditional Computer Networkmentioning

confidence: 99%