PowerBridge: Covert Air-Gap Exfiltration/Infiltration via Smart Plug

Abstract

Power lines are commonly utilized for energy transmission, and they serve as a conduit for data exfiltration or infiltration in some specific scenarios. This paper explores the feasibility of establishing bidirectional communication between a modified plug and the equipment power line within an air-gapped network organization and with external entities. Bidirectional air-gap communication includes two scenarios, the data leak from air-gapped networks and the transmission of external data to air-gapped networks, namely, exfiltration and infiltration. In the exfiltration scenario, software in the air-gapped networks modulates and encodes data by manipulating the power consumption of the equipment during transmission, which is then sent outside through the power line. The device utilizes a smart plug power meter to record current fluctuations and subsequently decode any leaked data. In the infiltration scenario, a smart plug is used to control the power supply status of a device’s power cord, enabling data encoding and decoding by turning the power supply on and off. The software in the air-gapped equipment captures and decodes the power supply status to infiltrate. We discuss relevant literature and provide scientific background on smart plugs and power line communication. We simulate the communication scenario, propose a communication scheme, and present data modulation techniques as well as a communication transmission protocol for air-gap channels. Our evaluation of the PowerBridge air-gap channels demonstrates that data can leak from the air-gapped computer into the power line at an approximate rate of 30 bps, which can be captured by the smart plug. Additionally, it is possible for data to penetrate from the smart plug into air-gapped networks at a speed exceeding 1 bps.