POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers

It is known that attackers can exfiltrate data from air-gapped computers through their speakers via sonic and ultrasonic waves. To eliminate the threat of such acoustic covert channels in sensitive systems, audio hardware can be disabled and the use of loudspeakers can be strictly forbidden. Such audio-less systems are considered to be \textit{audio-gapped}, and hence immune to acoustic covert channels. In this paper, we introduce a technique that enable attackers leak data acoustically from air-gapped and audio-gapped systems. Our developed malware can exploit the computer power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker with limited capabilities. The malicious code manipulates the internal \textit{switching frequency} of the power supply and hence controls the sound waveforms generated from its capacitors and transformers. Our technique enables producing audio tones in a frequency band of 0-24khz and playing audio streams (e.g., WAV) from a computer power supply without the need for audio hardware or speakers. Binary data (files, keylogging, encryption keys, etc.) can be modulated over the acoustic signals and sent to a nearby receiver (e.g., smartphone). We show that our technique works with various types of systems: PC workstations and servers, as well as embedded systems and IoT devices that have no audio hardware at all. We provide technical background and discuss implementation details such as signal generation and data modulation. We show that the POWER-SUPPLaY code can operate from an ordinary user-mode process and doesn't need any hardware access or special privileges. Our evaluation shows that using POWER-SUPPLaY, sensitive data can be exfiltrated from air-gapped and audio-gapped systems from a distance of five meters away at a maximal bit rates of 50 bit/sec

Spatial Interference Detection for Mobile Visible Light Communication

Taking advantage of the rolling shutter effect of CMOS cameras in smartphones is a common practice to increase the transfered data rate with visible light communication (VLC) without employing external equipment such as photodiodes. VLC can then be used as replacement of other marker based techniques for object identification for Augmented Reality and Ubiquitous computing applications. However, the rolling shutter effect only allows to transmit data over a single dimension, which considerably limits the available bandwidth. In this article we propose a new method exploiting spacial interference detection to enable parallel transmission and design a protocol that enables easy identification of interferences between two signals. By introducing a second dimension, we are not only able to significantly increase the available bandwidth, but also identify and isolate light sources in close proximity

MIMO signal processing in offset-QAM based filter bank multicarrier systems

Next-generation communication systems have to comply with very strict requirements for increased flexibility in heterogeneous environments, high spectral efficiency, and agility of carrier aggregation. This fact motivates research in advanced multicarrier modulation (MCM) schemes, such as filter bank-based multicarrier (FBMC) modulation. This paper focuses on the offset quadrature amplitude modulation (OQAM)-based FBMC variant, known as FBMC/OQAM, which presents outstanding spectral efficiency and confinement in a number of channels and applications. Its special nature, however, generates a number of new signal processing challenges that are not present in other MCM schemes, notably, in orthogonal-frequency-division multiplexing (OFDM). In multiple-input multiple-output (MIMO) architectures, which are expected to play a primary role in future communication systems, these challenges are intensified, creating new interesting research problems and calling for new ideas and methods that are adapted to the particularities of the MIMO-FBMC/OQAM system. The goal of this paper is to focus on these signal processing problems and provide a concise yet comprehensive overview of the recent advances in this area. Open problems and associated directions for future research are also discussed.Peer ReviewedPostprint (author's final draft

Animated virtual agents to cue user attention: comparison of static and dynamic deictic cues on gaze and touch responses

This paper describes an experiment developed to study the performance of virtual agent animated cues within digital interfaces. Increasingly, agents are used in virtual environments as part of the branding process and to guide user interaction. However, the level of agent detail required to establish and enhance efficient allocation of attention remains unclear. Although complex agent motion is now possible, it is costly to implement and so should only be routinely implemented if a clear benefit can be shown. Pevious methods of assessing the effect of gaze-cueing as a solution to scene complexity have relied principally on two-dimensional static scenes and manual peripheral inputs. Two experiments were run to address the question of agent cues on human-computer interfaces. Both experiments measured the efficiency of agent cues analyzing participant responses either by gaze or by touch respectively. In the first experiment, an eye-movement recorder was used to directly assess the immediate overt allocation of attention by capturing the participant’s eyefixations following presentation of a cueing stimulus. We found that a fully animated agent could speed up user interaction with the interface. When user attention was directed using a fully animated agent cue, users responded 35% faster when compared with stepped 2-image agent cues, and 42% faster when compared with a static 1-image cue. The second experiment recorded participant responses on a touch screen using same agent cues. Analysis of touch inputs confirmed the results of gaze-experiment, where fully animated agent made shortest time response with a slight decrease on the time difference comparisons. Responses to fully animated agent were 17% and 20% faster when compared with 2-image and 1-image cue severally. These results inform techniques aimed at engaging users’ attention in complex scenes such as computer games and digital transactions within public or social interaction contexts by demonstrating the benefits of dynamic gaze and head cueing directly on the users’ eye movements and touch responses

Globalization and Legal Information Management

Draft of Chapter 2 of the IALL International Handbook of Legal Information Management by Jules Winterton, Associate Director and Librarian, Institute of Advanced Legal Studies, University of London. This chapter is a relatively brief survey of what globalization means in the field of legal information management and what effect it has had and will have on a range of activities and policy areas relevant to the practice of legal information management. There are firstly some comments towards a definition of globalization for the purposes of this chapter and then a survey of the following in the light of that definition: legal systems, information consumers, legal information needs, information and management, legal publishing, digitization, intellectual property rights, lobbying and advocacy on policy issues (the politics of law librarianship), international networking, and legal information managers and law librarians of the future

The impact of Rayleigh fading channel effects on the RF-DNA fingerprinting process

The Internet of Things (IoT) consists of many electronic and electromechanical devices connected to the Internet. It is estimated that the number of connected IoT devices will be between 20 and 50 billion by the year 2020. The need for mechanisms to secure IoT networks will increase dramatically as 70% of the edge devices have no encryption. Previous research has proposed RF-DNA fingerprinting to provide wireless network access security through the exploitation of PHY layer features. RF-DNA fingerprinting takes advantage of unique and distinct characteristics that unintentionally occur within a given radio’s transmit chain during waveform generation. In this work, the application of RF-DNA fingerprinting is extended by developing a Nelder-Mead-based algorithm that estimates the coefficients of an indoor Rayleigh fading channel. The performance of the Nelder-Mead estimator is compared to the Least Square estimator and is assessed with degrading signal-to-noise ratio. The Rayleigh channel coefficients set estimated by the Nelder-Mead estimator is used to remove the multipath channel effects from the radio signal. The resulting channel-compensated signal is the region where the RF-DNA fingerprints are generated and classified. For a signal-to-noise ratio greater than 21 decibels, an average percent correct classification of more than 95% was achieved in a two-reflector channel