Related papers: TEMPEST-LoRa: Cross-Technology Covert Communication

TEMPEST-LoRa: Cross-Technology Covert Communication

URL: http://arxiv.org/abs/2506.21069v1
Date: Thu, 26 Jun 2025 07:39:50 GMT
Title: TEMPEST-LoRa: Cross-Technology Covert Communication
Authors: Xieyang Sun, Yuanqing Zheng, Wei Xi, Zuhao Chen, Zhizhen Chen, Han Hao, Zhiping Jiang, Sheng Zhong,
Abstract summary: Electromagnetic (EM) covert channels pose significant threats to computer and communications security in air-gapped networks.<n>This paper reports a new EM covert channel, TEMPEST-LoRa, which could allow attackers to covertly transmit EM-modulated secret data from air-gapped networks to widely deployed operational LoRa receivers from afar.<n>Experiment results show that attackers can reliably decode secret data modulated by the EM leakage from a video cable at a maximum distance of 87.5m or a rate of 21.6 kbps.
Score: 11.15591455240142
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Electromagnetic (EM) covert channels pose significant threats to computer and communications security in air-gapped networks. Previous works exploit EM radiation from various components (e.g., video cables, memory buses, CPUs) to secretly send sensitive information. These approaches typically require the attacker to deploy highly specialized receivers near the victim, which limits their real-world impact. This paper reports a new EM covert channel, TEMPEST-LoRa, that builds on Cross-Technology Covert Communication (CTCC), which could allow attackers to covertly transmit EM-modulated secret data from air-gapped networks to widely deployed operational LoRa receivers from afar. We reveal the potential risk and demonstrate the feasibility of CTCC by tackling practical challenges involved in manipulating video cables to precisely generate the EM leakage that could readily be received by third-party commercial LoRa nodes/gateways. Experiment results show that attackers can reliably decode secret data modulated by the EM leakage from a video cable at a maximum distance of 87.5m or a rate of 21.6 kbps. We note that the secret data transmission can be performed with monitors turned off (therefore covertly).

Related papers

Secure Physical Layer Communications for Low-Altitude Economy Networking: A Survey [76.36166980302478]
The Low-Altitude Economy Networking (LAENet) is emerging as a transformative paradigm.<n>Physical layer communications in the LAENet face growing security threats due to inherent characteristics of aerial communication environments.<n>This survey comprehensively reviews existing secure countermeasures for physical layer communication in the LAENet.
arXiv Detail & Related papers (2025-04-12T09:36:53Z)
Generative AI-driven Cross-layer Covert Communication: Fundamentals, Framework and Case Study [62.5909195375364]
Cross-layer covert communication mechanism emerges as an effective strategy to mitigate regulatory challenges.<n>We propose an end-to-end cross-layer covert communication scheme driven by Generative Artificial Intelligence (GenAI)<n>Case study is conducted using diffusion reinforcement learning to sovle cloud edge internet of things cross-layer secure communication.
arXiv Detail & Related papers (2025-01-19T15:05:03Z)
RAMBO: Leaking Secrets from Air-Gap Computers by Spelling Covert Radio Signals from Computer RAM [1.74048653626208]
We present an attack allowing adversaries to leak information from air-gapped computers. We show that malware on a compromised computer can generate radio signals from memory buses (RAM) With software-defined radio (SDR) hardware, and a simple off-the-shelf antenna, an attacker can intercept transmitted raw radio signals from a distance.
arXiv Detail & Related papers (2024-09-03T21:06:04Z)
Physical Layer Deception with Non-Orthogonal Multiplexing [52.11755709248891]
We propose a novel framework of physical layer deception (PLD) to actively counteract wiretapping attempts.<n>PLD combines PLS with deception technologies to actively counteract wiretapping attempts.<n>We prove the validity of the PLD framework with in-depth analyses and demonstrate its superiority over conventional PLS approaches.
arXiv Detail & Related papers (2024-06-30T16:17:39Z)
Exploiting CPU Clock Modulation for Covert Communication Channel [0.3277163122167433]
We unveil a novel covert channel exploiting the duty cycle modulation feature of modern x86 processors. Specifically, we illustrate how two collaborating processes, a sender and a receiver can manipulate this feature to transmit sensitive information surreptitiously. Our live system implementation demonstrates that this covert channel can achieve a data transfer rate of up to 55.24 bits per second.
arXiv Detail & Related papers (2024-04-08T19:23:04Z)
Information Leakage through Physical Layer Supply Voltage Coupling Vulnerability [2.6490401904186758]
We introduce a novel side-channel vulnerability that leaks data-dependent power variations through physical layer supply voltage coupling (PSVC) Unlike traditional power side-channel attacks, the proposed vulnerability allows an adversary to mount an attack and extract information without modifying the device.
arXiv Detail & Related papers (2024-03-12T23:39:54Z)
Quantum Key Distribution for Critical Infrastructures: Towards Cyber Physical Security for Hydropower and Dams [0.4166512373146748]
Hydropower facilities are often remotely monitored or controlled from a centralized remote-control room. Communications may use the internet to remote control a facility's control systems, or it may involve sending control commands over a network from a control room to a machine. The content could be encrypted and decrypted using a public key to protect the communicated information. In contrast, quantum key distribution (QKD) is not based upon a computational problem, and offers an alternative to conventional public-key cryptography.
arXiv Detail & Related papers (2023-10-19T18:59:23Z)
Eavesdropper localization for quantum and classical channels via nonlinear scattering [58.720142291102135]
Quantum key distribution (QKD) offers theoretical security based on the laws of physics. We present a novel approach to eavesdropper location that can be employed in quantum as well as classical channels. We demonstrate that our approach outperforms conventional OTDR in the task of localizing an evanescent outcoupling of 1% with cm precision inside standard optical fibers.
arXiv Detail & Related papers (2023-06-25T21:06:27Z)
Is Semantic Communications Secure? A Tale of Multi-Domain Adversarial Attacks [70.51799606279883]
We introduce test-time adversarial attacks on deep neural networks (DNNs) for semantic communications. We show that it is possible to change the semantics of the transferred information even when the reconstruction loss remains low.
arXiv Detail & Related papers (2022-12-20T17:13:22Z)
Fault-tolerant Coding for Entanglement-Assisted Communication [46.0607942851373]
This paper studies the study of fault-tolerant channel coding for quantum channels. We use techniques from fault-tolerant quantum computing to establish coding theorems for sending classical and quantum information in this scenario. We extend these methods to the case of entanglement-assisted communication, in particular proving that the fault-tolerant capacity approaches the usual capacity when the gate error approaches zero.
arXiv Detail & Related papers (2022-10-06T14:09:16Z)
Covert Communications via Adversarial Machine Learning and Reconfigurable Intelligent Surfaces [46.34482158291128]
The reconfigurable intelligent surfaces (RISs) rely on arrays of unit cells to control the scattering and reflection profiles of signals. In this paper, covert communication is considered in the presence of the RIS.
arXiv Detail & Related papers (2021-12-21T18:23:57Z)

This list is automatically generated from the titles and abstracts of the papers in this site.