[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation by Mordechai Guri, Yisroel Mirsky, Yuval Elovici.
Air-gapped networks are isolated, separated both logically and physically from public networks; examples include military, industrial, and financial networks. Although the feasibility of invading such systems has been demonstrated in recent years, communicating data to or from air-gapped networks is a challenging task for attackers to perpetrate, and an even more difficult threat to defend against.
New methods of communicating with air-gapped networks are currently being exposed, some advanced and difficult to mitigate. These newfound vulnerabilities have wide-reaching implications for what we considered to be a foolproof solution to network security – the placement of a physical air gap.
But it doesn’t stop there – new techniques of covertly getting information in and out of air-gapped networks are being exposed. Thus it is important not only to publicize these vectors of attack, but also their countermeasures and feasibility.
In this talk, we will outline the steps an attacker must take in order to bridge an air-gapped network. We will review the state-of-the-art techniques over thermal, radio, and acoustic channels, and discuss each one’s countermeasures and feasibility. Most of the techniques in this talk were discovered in our labs by researcher Mordechai Guri under the supervision of Prof. Yuval Elovici.
-- Mordechai Guri
Mordechai Guri is an accomplished computer scientist and security expert with over 20 years of practical research experience. He earned his B.Sc. and M.Sc. summa cum laude from the computer science department at the Hebrew University of Jerusalem. Guri is a lead researcher and lab manager at the Ben Gurion Cyber Security Research Center and was awarded the prestigious IBM PhD International Fellowship (2015-2016). He manages academic research in various aspects of cyber-security for the commercial and governmental sectors. In the past few years Mordechai has led a number of breakthrough research projects in cyber-security, some of which have been published worldwide. His research focuses on state-of-the-art challenges in the field of cyber-attack and cyber-defense. Mordechai examines current paradigms and develops new methods for improved mitigation of security problems in the modern cyber environment. His research topics include OS security, advanced malware, Moving Target Defense (MTD), mobile security and embedded systems. He is the Head of R&D of the Cyber Security Center at BGU and Chief Scientist Officer at Morphisec Endpoint Security Solutions.
-- Yisroel Mirsky
Yisroel Mirsky is a Ph.D. candidate supervised by Prof. Bracha Shapira and Prof. Yuval Elovici, in the Department of Information Systems Engineering at Ben-Gurion University. Over the last two years he has taught cyber security machine learning at international venues, and has published works in the domains of anomaly detection, isolated network security, and machine learning. He currently manages two multi-year research projects in the Cyber Security Research Center (CSRC) at BGU: Context-based Data-leakage Prevention for Smartphones (funded by the Israeli Ministry of Science), and Machine Learning solutions for IoT security (in cooperation with the industry). His research interests include machine learning, time-series anomaly detection, isolated network security, smartphone security and physical signal cryptography.
-- Yuval Elovici
Yuval Elovici is the director of the Telekom Innovation Laboratories at Ben-Gurion University of the Negev (BGU), head of BGU Cyber Security Research Center, and a Professor in the Department of Information Systems Engineering at BGU. He holds B.Sc. and M.Sc. degrees in Computer and Electrical Engineering from BGU and a Ph.D. in Information Systems from Tel-Aviv University. For the past ten years he has led the cooperation between BGU and Deutsche Telekom and in 2014 he established the BGU Cyber Security Research Center. His primary research interests are computer and network security, cyber security, web intelligence, social network analysis, and machine learning. Prof. Elovici consults professionally in the area of cyber security and most recently, he, along with several colleagues, established a startup that focuses on cyber-security.