Your Noise, My Signal: Exploiting Switching Noise for Stealthy Data Exfiltration from Desktop Computers

by   Zhihui Shao, et al.

Attacks based on power analysis have been long existing and studied, with some recent works focused on data exfiltration from victim systems without using conventional communications (e.g., WiFi). Nonetheless, prior works typically rely on intrusive direct power measurement, either by implanting meters in the power outlet or tapping into the power cable, thus jeopardizing the stealthiness of attacks. In this paper, we propose NoDE (Noise for Data Exfiltration), a new system for stealthy data exfiltration from enterprise desktop computers. Specifically, NoDE achieves data exfiltration over a building's power network by exploiting high-frequency voltage ripples (i.e., switching noises) generated by power factor correction circuits built into today's computers. Located at a distance and even from a different room, the receiver can non-intrusively measure the voltage of a power outlet to capture the high-frequency switching noises for online information decoding without supervised training/learning. To evaluate NoDE, we run experiments on seven different computers from top-vendors and using top brand power supply units. Our results show that for a single transmitter, NoDE achieves a rate of up to 28.48 bits/second with a distance of 90 feet (27.4 meters) without the line of sight, demonstrating a practically stealthy threat. Based on the orthogonality of switching noise frequencies of different computers, we also demonstrate simultaneous data exfiltration from four computers using only one receiver. Finally, we present a few possible defenses, such as installing noise filters, and discuss their limitations.


page 9

page 10

page 19

page 22


Realization of High Frequency Bidirectional Transceiver (Bitx) Radio

In this paper, we realize the transmitter of high frequency (HF) bidirec...

Exploration of Quantum Computer Power Side-Channels

Noisy Intermediate-Scale Quantum (NISQ) quantum computers are being rapi...

AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers

In this paper, we show that attackers can exfiltrate data from air-gappe...

Measurement Error Correction in Particle Tracking Microrheology

In diverse biological applications, particle tracking of passive microsc...

Rethinking the Backdoor Attacks' Triggers: A Frequency Perspective

Backdoor attacks have been considered a severe security threat to deep l...

POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers

It is known that attackers can exfiltrate data from air-gapped computers...

Structure-based Computer Without Using Transistors

The commercialization of transistors capable of both switching and ampli...

Please sign up or login with your details

Forgot password? Click here to reset