Compromising emanations: overview and system analysis

Рассмотрена задача побочных электромагнитных излучений опасных сигналов в ближней, промежуточной и дальней зонах. Проанализированы экспериментальные данные побочных электромагнитных излучений различных технических средств. Предложен системный анализ для нахождения и изучения побочных электромагнитных излучений. Целью данного подхода является создание корректной теоретической базы в области технической защиты информации. Рассмотрен метод векторных нестационарных потенциалов для нахождения компонент электромагнитного поля опасных сигналов в ближней, промежуточной и дальней зонах излучения. Применение нового метода позволяет исследовать побочные электромагнитные излучения технических средств во временной и в частотной области

Potential detection spectral component of compromising emanations signal USB keyboard interface

Настоящая статья посвящена исследованию потенциальных возможностей обнаружения информативной и неинформативной составляющих сигнала ПЭМИ клавиатуры USB интерфейса. Проводиться цифровой эксперимент для оценки значения максимума взаимной корреляционной функции спектра сигнала ПЭМИ, снятого с двух информативных проводов, содержащего пакет опроса и ответа с данными и опорного сигнала, в зависимости от отношения сигнал/шум на входе приемного устройства для БГШ и одного из трех видов помех Джонсона с различными параметрами распределения. В результате исследования были установлены потенциальные возможности обнаружения сигнала ПЭМИ клавиатуры интерфейса USB в идеальных условиях без воздействия внешнего шума и в реальных условиях естественного и индустриального шумов. На основании полученных результатов сделан вывод о том, что излучения ПЭМИ клавиатуры интерфейса USB не являются опасными с точки зрения возможного обнаружения в реальных условиях.This article is devoted to research potential detection informative and uninformative signal components compromising emanations USB keyboard interface. Digital experiment held to assess the value of the maximum cross-correlation function of the signal spectrum compromising emanations, radiated from two informative wire containing package interrogation and response data and reference signal, depending on the signal / noise ratio at the receiver input for WGN and one of three types of interference Johnson different the parameters of the distribution. As a result, studies have established the potential of the detection signal compromising emanations keyboard USB interface in ideal conditions without the influence of external noise and the actual conditions of natural and industrial noise. Based on the results concluded that the radiation compromising emanations keyboard USB interface are not dangerous from the point of view of a possible encounter in the real conditions

Information Leakage from Optical Emanations

A previously unknown form of compromising emanations has been discovered. LED status indicators on data communication equipment, under certain conditions, are shown to carry a modulated optical signal that is significantly correlated with information being processed by the device. Physical access is not required; the attacker gains access to all data going through the device, including plaintext in the case of data encryption systems. Experiments show that it is possible to intercept data under realistic conditions at a considerable distance. Many different sorts of devices, including modems and Internet Protocol routers, were found to be vulnerable. A taxonomy of compromising optical emanations is developed, and design changes are described that will successfully block this kind of "Optical TEMPEST" attack.Comment: 26 pages, 11 figure

A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems

We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security goal and security breaches are mainly defined as undesired disclosure or modification of classified data, strict control of information flows is the ultimate goal. In order to prevent undesired information flows, we provide a classification of information flow types in a component-based operating system and, by this, possible patterns to attack the system. The systematic consideration of informations flows reveals a specific type of operating system covert channel, the covert physical channel, which connects two former isolated partitions by emitting physical signals into the computer's environment and receiving them at another interface.Comment: 9 page

Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels

We show that subtle acoustic noises emanating from within computer screens can be used to detect the content displayed on the screens. This sound can be picked up by ordinary microphones built into webcams or screens, and is inadvertently transmitted to other parties, e.g., during a videoconference call or archived recordings. It can also be recorded by a smartphone or "smart speaker" placed on a desk next to the screen, or from as far as 10 meters away using a parabolic microphone. Empirically demonstrating various attack scenarios, we show how this channel can be used for real-time detection of on-screen text, or users' input into on-screen virtual keyboards. We also demonstrate how an attacker can analyze the audio received during video call (e.g., on Google Hangout) to infer whether the other side is browsing the web in lieu of watching the video call, and which web site is displayed on their screen