Abstract
Since 2008, the Korean government has instituted network separation technology, which physically isolates external internet networks from internal networks, aiming to thwart cyber-attacks. Consequently, the domestic financial sector was largely unaffected during global crises (2017 WannaCry ransomware outbreak and the 2021 Log4j vulnerability incident). However, there exist certain vulnerabilities owing to the presumption of their relative safety against cyber intrusions and the integration of cloud and Internet of Things (IoT) technologies in the current smart revolution. The existing network separation measures only mitigate one facet of potential cyber threats, rendering a comprehensive defense elusive. The rise of “air-gap” attacks, which exploit the isolated space between closed and external networks to illicitly transfer data and the existing research primarily substantiating the potential for data breaches from closed networks to their external counterparts are problems yet to be addressed. Thus, our study proposed a tangible optical air-gap attack methodology, harnessing readily available optical mediums within closed networks. Intricate measurement metrics that consider vital factors of the transmission environment were proposed. Moreover, acknowledging the proliferating integration of IoT devices, such as smart bulbs, to facilitate automation within closed networks, this study demonstrated the viability of optical air-gap attacks using these devices.
Original language | English |
---|---|
Pages (from-to) | (In-Press) |
Number of pages | 10 |
Journal | IEEE Network |
Volume | (In-Press) |
Early online date | 28 Mar 2024 |
DOIs | |
Publication status | E-pub ahead of print - 28 Mar 2024 |
Bibliographical note
© 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Copyright © and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders.
This document is the author’s post-print version, incorporating any revisions agreed during the peer-review process. Some differences between the published version and this version may remain and you are advised to consult the published version if you wish to cite from it.
Funder
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. RS-2022-00165231) and Agency for Defense Development (ADD) and Defense Acquisition Program Administration (DAPA). (No. UD230020TD)Keywords
- Acoustics
- Air gaps
- Air-Gap Attack
- Closed Network
- Electromagnetic scattering
- Internet of Things
- IoT Air-Gap Attack
- Light emitting diodes
- Network Security
- Network Separation
- Optical Air-Gap Attack
- Optical devices
- Optical sensors
ASJC Scopus subject areas
- Software
- Information Systems
- Hardware and Architecture
- Computer Networks and Communications