Domain: jocm.us
Stories and comments across the archive that link to jocm.us.
Comments · 23
-
bad BIOS saga continues - 12/2013
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
---
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
---
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
----"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied
-
bad BIOS saga continues - 12/2013
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
---
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
---
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
----"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique
-
bad BIOS saga continues - 12/13
bad BIOS saga continues - 12/13
-
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. Th
-
bad BIOS saga continues - 12/13
bad BIOS saga continues - 12/13
-
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. Th
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied on sof
-
bad BIOS saga continues - 12/13
Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
-
Malware communicates at a distance of 65 feet using built-in mics and speakers.by Dan Goodin - Dec 2, 2013 7:29 pm UTC
http://arstechnica.com/author/dan-goodin
https://twitter.com/dangoodin001"Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."
-
Topology of a covert mesh network that connects air-gapped computers to the Internet:http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
-"Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."
[1] http://www.fkie.fraunhofer.de/en.html
[2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
[3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied on sof
-
On Covert Acoustical Mesh Networks in Air
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124##
RE: #BadBios, BadBios, badbios, bad bios
-
On Covert Acoustical Mesh Networks in Air
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124##
RE: #BadBios, BadBios, badbios, bad bios
-
On Covert Acoustical Mesh Networks in Air
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124##
RE: #BadBios, BadBios, badbios, bad bios
-
Re:BadBIOS?
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124#
RE: #BadBios, BadBios, badbios, bad bios
-
Re:BadBIOS?
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124#
RE: #BadBios, BadBios, badbios, bad bios
-
Re:BadBIOS?
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124#
RE: #BadBios, BadBios, badbios, bad bios
-
On Covert Acoustical Mesh Networks in Air (RE: Bad
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124##
RE: #BadBios, BadBios, badbios, bad bios
-
On Covert Acoustical Mesh Networks in Air (RE: Bad
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124##
RE: #BadBios, BadBios, badbios, bad bios
-
On Covert Acoustical Mesh Networks in Air (RE: Bad
On Covert Acoustical Mesh Networks in Air (RE: Bad Bios)
"Abstract-Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range.
We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities."
Index Terms-malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767"
Volume 8, No. 11, November 2013
http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf
http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
http://www.jocm.us/index.php?m=content&c=index&a=lists&catid=124##
RE: #BadBios, BadBios, badbios, bad bios