Researchers read data from computers by manipulating screen brightness

Security researchers at Israel’s Ben Gurion University have found a way to read data from a computer by manipulating the brightness of a monitor. To do this, malware must first be placed on such an air gapped computer.

It concerns academic research into possibilities for secretly extracting sensitive data from systems that are not connected to the internet. The researchers are focusing on display-to-camera communication, which is receiving increasing attention due to the growth in the number of video cameras and smartphone cameras available.

In the research report, the researchers describe how they can read small amounts of data based on minuscule changes in the brightness of a screen. To do this, they place malware on a computer, which slightly modified one of the RGB components of each pixel. This is done in such a way that users can hardly notice the changes in color and brightness.

The intention is that the malware collects sensitive data from a system and encodes it into a bitstream. The malware then modulates that sequence of zeros and ones to corresponding sub-pixel brightness changes. They then managed to record the changes in brightness with a camera and ‘read out’ the data in this way. They describe how to extrafiltrate a sequence of ‘1010101010101010’ from a 19″ screen at a bit rate of 5bit/s, with a camera positioned six meters from the screen.

Application in practice is difficult, because the separate computer still has to be infected with specific malware. The research was done by scientists from Ben Gurion University in Israel. That team is more often investigating ways to eavesdrop on air gapped computers by installing malware on them. In previous research, for example, they were able to exfiltrate data by manipulating lights on a modem, by listening to the sound of hard drives, and via the LED lights of security cameras.