Georgia Institute of Technology Georgia Institute of Technology

Research Horizons

Georgia Tech's Research Horizons Magazine
front office

I Take Mine Black (Hat)

Stopping Coffee Shop Hackers

By John Toon

If you’re sitting in a coffee shop, tapping away on your laptop, feeling safe from cyber criminals because you didn’t connect to the shop’s Wi-Fi, think again. The bad guys may be able to see what you’re doing just by analyzing the low-power electronic signals your laptop emits even when it’s not connected to the Internet.

Georgia Tech researchers are investigating where these information leaks originate so they can help hardware and software designers develop strategies to plug them. By studying emissions from multiple computers, the researchers have developed a metric for measuring the strength of the leaks — known technically as side-channel signals — to help prioritize security efforts.

“People are focused on security for the Internet and on the wireless communication side, but we are concerned with what can be learned from your computer without it intentionally sending anything,” said Alenka Zajic, an assistant professor in Georgia Tech’s School of Electrical and Computer Engineering. “Even if you have the Internet connection disabled, you are still emanating information that somebody could use to attack your computer or smartphone.”

Side-channel emissions can be measured several feet away from an operating computer using a variety of spying methods. Electromagnetic emissions can be received using antennas hidden in a briefcase, for instance. Acoustic emissions — sounds produced by electronic components such as capacitors — can be picked up by microphones hidden beneath tables. Information on power fluctuations, which can help hackers determine what the computer is doing, can be measured by fake battery chargers plugged into power outlets adjacent to a laptop’s power adapter.

Some signals can be picked up by a simple AM/ FM radio, while others require more sophisticated spectrum analyzers. And computer components such as voltage regulators produce emissions that can carry signals produced elsewhere in the laptop.

“It is not really possible to eliminate all side-channel signals,” said Milos Prvulovic, an associate professor in the Georgia Tech School of Computer Science. “The trick is to make those signals weak, so potential attackers would have to be closer, use larger antennas, and utilize time-consuming signal analyses. We have found that some operations are much ‘louder’ than others, so quieting them would make it more difficult for attackers.”

Results of the research were presented at the 47th Annual IEEE/ACM International Symposium on Microarchitecture in Cambridge, U.K. The work is sponsored by the National Science Foundation and the Air Force Office of Scientific Research.

Alenka Zajic (left) and Milos Prvulovic
Georgia Tech researchers Alenka Zajic (left) and Milos Prvulovic use a simple AM/FM radio to pick up side-channel signals from a cellphone. Such unintentional signals could be used to learn what computations are being done by the device. (Photo: Rob Felt)

Georgia Tech is home to more than 2,500 faculty members who conduct scientific and engineering research in hundreds of different research areas.

Related video: Cyber Security

video: cyber security

Related Stories

Read More
Read More
Read More

Media Contacts

John Toon

John Toon

Director of Research News
Phone: 404.894.6986

Anne Wainscott-Sargent

Research News
Phone: 404-435-5784

Subscribe & Connect

Follow Us on Twitter:


RSS Feeds

Subscribe to our RSS Feeds with your favorite reader.

Email Newsletter

Sign up to receive our monthly email newsletter.

Research Horizons Magazine

Sign up for a free subscription to Research Horizons magazine.