{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T20:09:52Z","timestamp":1778789392285,"version":"3.51.4"},"reference-count":40,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2022,5,4]],"date-time":"2022-05-04T00:00:00Z","timestamp":1651622400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Science Foundation","award":["CNS 1705135"],"award-info":[{"award-number":["CNS 1705135"]}]},{"name":"CONIX Research Center"},{"DOI":"10.13039\/100006754","name":"Army Research Laboratory","doi-asserted-by":"crossref","award":["W911NF-17-2-0196"],"award-info":[{"award-number":["W911NF-17-2-0196"]}],"id":[{"id":"10.13039\/100006754","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2022,5,31]]},"abstract":"<jats:p>Printers have become ubiquitous in modern office spaces, and their placement in these spaces been guided more by accessibility than security. Due to the proximity of printers to places with potentially high-stakes information, the possible misuse of these devices is concerning. We present a previously unexplored covert channel that effectively uses the sound generated by printers with inkjet technology to exfiltrate arbitrary sensitive data (unrelated to the apparent content of the document being printed) from an air-gapped network. We also discuss a series of defense techniques that can make these devices invulnerable to covert manipulation.<\/jats:p><jats:p>The proposed covert channel works by malware installed on a computer with access to a printer, injecting certain imperceptible patterns into all documents that applications on the computer send to the printer. These patterns can control the printing process without visibly altering the original content of a document, and generate acoustic signals that a nearby acoustic recording device, such as a smartphone, can capture and decode. To prove and analyze the capabilities of this new covert channel, we carried out tests considering different types of document layouts and distances between the printer and recording device. We achieved a bit error ratio less than 5% and an average bit rate of approximately 0.5 bps across all tested printers at distances up to 4 m, which is sufficient to extract tiny bits of information.<\/jats:p>","DOI":"10.1145\/3510583","type":"journal-article","created":{"date-parts":[[2022,5,4]],"date-time":"2022-05-04T13:03:36Z","timestamp":1651669416000},"page":"1-26","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["InkFiltration: Using Inkjet Printers for Acoustic Data Exfiltration from Air-Gapped Networks"],"prefix":"10.1145","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1843-5830","authenticated-orcid":false,"given":"Julian","family":"de Gortari Briseno","sequence":"first","affiliation":[{"name":"University of California, Los Angeles, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Akash Deep","family":"Singh","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mani","family":"Srivastava","sequence":"additional","affiliation":[{"name":"University of California, Los Angeles, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,5,4]]},"reference":[{"key":"e_1_3_3_2_2","volume-title":"Brutal Kangaroo\u2014Drifting Deadline v1.2: User Guide","author":"WikiLeaks","year":"2016","unstructured":"WikiLeaks. 2016. Brutal Kangaroo\u2014Drifting Deadline v1.2: User Guide. Retrieved October 11, 2020 from https:\/\/wikileaks.org\/vault7\/document\/Brutal_Kangaroo-DriftingDeadline-V1_2-User_Guide\/."},{"key":"e_1_3_3_3_2","unstructured":"Adobe Systems Inc. 2008. Document Management\u2014Portable Document Format\u2014Part 1: PDF 1.7. Adobe Systems Inc. https:\/\/www.adobe.com\/content\/dam\/acom\/en\/devnet\/pdf\/PDF32000_2008.pdf."},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCPS.2016.7479068"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.5555\/1929820.1929847"},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2851584"},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.1117\/12.854708"},{"key":"e_1_3_3_8_2","unstructured":"Joey Chen. 2020. Tropic Trooper\u2019s USBferry Targets Air-Gapped Networks. Retrieved October 2 2020 from https:\/\/www.trendmicro.com\/en_us\/research\/20\/e\/tropic-troopers-back-usbferry-attack-targets-air-gapped-environments.html."},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.23919\/SMAGRIMET.2019.8720378"},{"key":"e_1_3_3_10_2","volume-title":"W32.Stuxnet Dossier","author":"Falliere Nicolas","unstructured":"Nicolas Falliere, Liam O. Murchu, and Eric Chien. 2011. W32.Stuxnet Dossier. Technical Report. Symantec. https:\/\/www.wired.com\/images_blogs\/threatlevel\/2011\/02\/Symantec-Stuxnet-Update-Feb-2011.pdf."},{"key":"e_1_3_3_11_2","unstructured":"Mordechai Guri. 2020. AiR-ViBeR: Exfiltrating data from air-gapped computers via covert surface ViBrAtIoNs. arxiv:2004.06195 [cs.CR]."},{"key":"e_1_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC48688.2020.0-163"},{"key":"e_1_3_3_13_2","unstructured":"Mordechai Guri. 2020. POWER-SUPPLaY: Leaking data from air-gapped systems by turning the power-supplies into speakers. arxiv:2005.00395 [cs.CR]."},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2016.7906933"},{"key":"e_1_3_3_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2016.7906972"},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2015.26"},{"key":"e_1_3_3_17_2","unstructured":"Mordechai Guri Yosef Solewicz Andrey Daidakulov and Yuval Elovici. 2016. Fansmitter: Acoustic data exfiltration from (speakerless) air-gapped computers. arxiv:1606.05915 [cs.CR]."},{"key":"e_1_3_3_18_2","doi-asserted-by":"crossref","first-page":"98","DOI":"10.1007\/978-3-319-66399-9_6","volume-title":"Computer Security\u2014ESORICS 2017","author":"Guri Mordechai","year":"2017","unstructured":"Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici. 2017. Acoustic data exfiltration from speakerless air-gapped computers via covert hard-drive noise (\u2018DiskFiltration\u2019). In Computer Security\u2014ESORICS 2017, Simon N. Foley, Dieter Gollmann, and Einar Snekkenes (Eds.). International, Cham, Switzerland, 98\u2013115."},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/DESEC.2018.8625124"},{"key":"e_1_3_3_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2019.2938404"},{"key":"e_1_3_3_21_2","doi-asserted-by":"crossref","unstructured":"Mustafa Kamasak Anand V. Deshpande Kok Leong Thoon Charles A. Bouman George T.-C. Chiu and Jan P. Allebach. 2001. Dynamic print mode control for inkjet printing. In Proceedings of the 2001 International Conference on Digital Printing Technologies. 78\u201382. https:\/\/www.ingentaconnect.com\/content\/ist\/nipdf\/2001\/00002001\/00000001\/art00014.","DOI":"10.2352\/ISSN.2169-4451.2001.17.1.art00014_1"},{"key":"e_1_3_3_22_2","volume-title":"The ProjectSauron APT","author":"Kaspersky Lab.","year":"2016","unstructured":"Kaspersky Lab. 2016. The ProjectSauron APT. Kaspersky Lab. https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/43\/2018\/03\/07190154\/The-ProjectSauron-APT_research_KL.pdf."},{"key":"e_1_3_3_23_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2833063"},{"key":"e_1_3_3_24_2","first-page":"1","volume-title":"Modern Digital Halftoning (2nd ed.)","author":"Lau Daniel L.","year":"2008","unstructured":"Daniel L. Lau and Gonzalo R. Arce. 2008. Introduction. In Modern Digital Halftoning (2nd ed.). CRC Press, Boca Raton, FL, 1\u201319."},{"key":"e_1_3_3_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIP.2005.843787"},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2854708"},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.1039\/C9TC01630A"},{"key":"e_1_3_3_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2923215"},{"key":"e_1_3_3_29_2","unstructured":"Ignacio Sanmillan. 2020. Ramsay: A cyber-espionage toolkit tailored for air-gapped networks. Retrieved October 12 2020 from https:\/\/www.welivesecurity.com\/2020\/05\/13\/ramsay-cyberespionage-toolkit-airgapped-networks\/."},{"key":"e_1_3_3_30_2","article-title":"Secret code in color printers lets government track you","author":"Schoen Seth","unstructured":"Seth Schoen. 2005. Secret code in color printers lets government track you. Electronic Frontier Foundation. Retrieved October 10, 2020 from https:\/\/www.eff.org\/press\/archives\/2005\/10\/16.","journal-title":"Electronic Frontier Foundation."},{"key":"e_1_3_3_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00031"},{"key":"e_1_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-323-37468-2.00014-2"},{"key":"e_1_3_3_33_2","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978300"},{"key":"e_1_3_3_34_2","volume-title":"PDF as Standard Print Job Format","author":"The Linux Foundation","year":"2016","unstructured":"The Linux Foundation. 2016. PDF as Standard Print Job Format. The Linux Foundation. https:\/\/wiki.linuxfoundation.org\/openprinting\/pdf_as_standard_print_job_format."},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.02.001"},{"key":"e_1_3_3_36_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2017.10.016"},{"key":"e_1_3_3_37_2","unstructured":"Matthias Wandel. n.d. Un-building an ink jet printer. Retrieved October 8 2020 from https:\/\/woodgears.ca\/tech\/printer.html."},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1145\/3384419.3430772"},{"key":"e_1_3_3_39_2","first-page":"95","volume-title":"Information Visualization: Perception for Design","author":"Ware Colin","year":"2004","unstructured":"Colin Ware. 2004. Color. In Information Visualization: Perception for Design (Interactive Technologies) (2nd ed.). Morgan Kaufmann, San Francisco, CA, 95\u2013141."},{"key":"e_1_3_3_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/3117811.3117814"},{"key":"e_1_3_3_41_2","doi-asserted-by":"publisher","DOI":"10.1109\/HOST45689.2020.9300268"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3510583","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3510583","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3510583","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:12:20Z","timestamp":1750191140000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3510583"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,4]]},"references-count":40,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2022,5,31]]}},"alternative-id":["10.1145\/3510583"],"URL":"https:\/\/doi.org\/10.1145\/3510583","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,4]]},"assertion":[{"value":"2021-10-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-01-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-05-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}