Exfiltrating data from an air-gapped system through a screen-camera covert channel

In recent years, many methods of exfiltrating information from air-gapped systems, including electromagnetic, thermal, acoustic and optical covert channels, have been proposed. However, as a typical optical channel, the screen-camera method has rarely been considered; it is less covert because it is visible to humans. In this paper, inspired by the rapid upgrades of cameras and monitors, we propose an air-gapped screen-camera covert channel with decreased perceptibility that is suitable for complex content. Our method exploits the characteristics of the human vision system (HVS) and embeds quick response (QR) codes containing sensitive data in the displayed frames. This slight modification of the frames cannot be sensed by the HVS but can be recorded by the cameras. Then, using certain image processing techniques, we reconstruct the QR codes to some degree and extract the secret data with a certain level of robustness due to the error correction capacity of QR codes. In the scenario to which our method applies, we assume that a program has been installed in the target system and has the authority to modify the frames without affecting the normal operations of valid users. Cameras, such as web cameras, surveillance cameras and smartphone cameras, can be receivers in our method. We illustrate the applicability of our method to frames with complex content using several different cover images. Experiments involving different angles between the screen and the camera were conducted to highlight the feasibility of our method with angles of 0°,15° and 30° .