{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T11:18:58Z","timestamp":1769167138729,"version":"3.49.0"},"reference-count":57,"publisher":"MDPI AG","issue":"6","license":[{"start":{"date-parts":[[2023,3,17]],"date-time":"2023-03-17T00:00:00Z","timestamp":1679011200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Agency for Defense Development Institute","award":["9129156"],"award-info":[{"award-number":["9129156"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Major public institutions and organizations that handle sensitive data frequently enforce strong security policies by implementing network separation policies that segregates their internal work networks and internet network using air gaps to prevent the leakage of confidential information. Such closed networks have long been considered the most secure technique for protecting data; however, studies have shown that they are no longer effective in providing a safe data protection environment. Research on air-gap attacks remains in its infancy stage. Studies have been conducted to check the method and demonstrate the possibility of transmitting data using various transmission media available within the closed network. These transmission media include optical signals such as HDD LEDs, acoustic signals such as speakers, and the electrical signals of power lines. This paper examines various media used for air-gap attacks by analyzing different techniques and their essential functions, strengths, and limitations. The findings of this survey and the follow-up analysis aim to assist companies and organizations in protecting their information by providing an understanding of air-gap attacks and their current trends.<\/jats:p>","DOI":"10.3390\/s23063215","type":"journal-article","created":{"date-parts":[[2023,3,17]],"date-time":"2023-03-17T05:06:01Z","timestamp":1679029561000},"page":"3215","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges"],"prefix":"10.3390","volume":"23","author":[{"given":"Jangyong","family":"Park","sequence":"first","affiliation":[{"name":"Department of Convergence Engineering for Intelligent Drone, Sejong University, 206 Neungdong-ro, Gwangjin-gu, Gunja-dong, Seoul 05006, Republic of Korea"}]},{"given":"Jaehoon","family":"Yoo","sequence":"additional","affiliation":[{"name":"Department of Convergence Engineering for Intelligent Drone, Sejong University, 206 Neungdong-ro, Gwangjin-gu, Gunja-dong, Seoul 05006, Republic of Korea"}]},{"given":"Jaehyun","family":"Yu","sequence":"additional","affiliation":[{"name":"Department of Convergence Engineering for Intelligent Drone, Sejong University, 206 Neungdong-ro, Gwangjin-gu, Gunja-dong, Seoul 05006, Republic of Korea"}]},{"given":"Jiho","family":"Lee","sequence":"additional","affiliation":[{"name":"Department of Convergence Engineering for Intelligent Drone, Sejong University, 206 Neungdong-ro, Gwangjin-gu, Gunja-dong, Seoul 05006, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2157-9651","authenticated-orcid":false,"given":"JaeSeung","family":"Song","sequence":"additional","affiliation":[{"name":"Department of Convergence Engineering for Intelligent Drone, Sejong University, 206 Neungdong-ro, Gwangjin-gu, Gunja-dong, Seoul 05006, Republic of Korea"}]}],"member":"1968","published-online":{"date-parts":[[2023,3,17]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Huang, Z.X., So, P.L., Ghias, A.M.Y.M., and Koh, L.H. (2021, January 17\u201319). Analysis of Cyber-Physical Attack in Transmission Systems. Proceedings of the 2021 IEEE 6th International Conference on Computing, Communication and Automation (ICCCA), Arad, Romania.","DOI":"10.1109\/ICCCA52192.2021.9666239"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Miller, J.F. (2013). Supply Chain Attack Framework and Attack Patterns, MITRE CORP. Technical Report.","DOI":"10.21236\/ADA610495"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1109\/MSP.2011.67","article-title":"Stuxnet: Dissecting a cyberwarfare weapon","volume":"9","author":"Langner","year":"2011","journal-title":"IEEE Secur. Priv."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1080\/00396338.2011.555586","article-title":"Stuxnet and the future of cyber war","volume":"53","author":"Farwell","year":"2011","journal-title":"Survival"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Karnouskos, S. (2011, January 7\u201310). Stuxnet worm impact on industrial cyber-physical system security. Proceedings of the IECON 2011\u201437th Annual Conference of the IEEE Industrial Electronics Society, Melbourne, VIC, Australia.","DOI":"10.1109\/IECON.2011.6120048"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"3453","DOI":"10.1109\/COMST.2018.2855563","article-title":"A survey of iot-enabled cyberattacks: Assessing attack paths to critical infrastructures and services","volume":"20","author":"Stellios","year":"2018","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_7","unstructured":"Koeune, F., and Standaert, F.X. (2005). Foundations of Security Analysis and Design III: FOSAD 2004\/2005 Tutorial Lectures, Springer."},{"key":"ref_8","first-page":"54","article-title":"Side channel attack-survey","volume":"1","author":"Prabhu","year":"2011","journal-title":"Int. J. Adv. Sci. Res. Rev."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Devi, M., and Majumder, A. (2021, January 3\u20134). Side-channel attack in Internet of Things: A survey. Proceedings of the Applications of Internet of Things: Proceedings of ICCCIOT 2020, Agartala, Tripura, India.","DOI":"10.1007\/978-981-15-6198-6_20"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"135","DOI":"10.1007\/s13389-019-00212-8","article-title":"Applications of machine learning techniques in side-channel attacks: A survey","volume":"10","author":"Hettwer","year":"2020","journal-title":"J. Cryptogr. Eng."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Baldwin, K., Popick, P.R., Miller, J.F., and Goodnight, J. (2012, January 19\u201322). The United States Department of Defense revitalization of system security engineering through program protection. Proceedings of the 2012 IEEE International Systems Conference SysCon 2012, Vancouver, BC, Canada.","DOI":"10.1109\/SysCon.2012.6189463"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Dolan, K.V., Wright, P.A., and Montequin, R.R. (2000). US Department of Defense Application-Level Firewall Protection Profile for Medium Robustness Environments, Booz-Allen and Hamilton INC. Technical Report.","DOI":"10.21236\/ADA386037"},{"key":"ref_13","first-page":"27","article-title":"North Korea\u2019s Cyber Attack: Terror Cases and Cyber Capabilities and Current State of Affairs of North Korea\u2019s Cyber Terror Force","volume":"1","author":"Son","year":"2016","journal-title":"J. Instrum."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"2317","DOI":"10.1109\/COMST.2015.2474118","article-title":"Security in software defined networks: A survey","volume":"17","author":"Ahmad","year":"2015","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"ref_15","unstructured":"Lu, Z., Yang, Y., and Shen, L. (2011, January 24\u201326). A survey of security separation technology and products. Proceedings of the 2011 International Conference on Computer Science and Network Technology, Harbin, China."},{"key":"ref_16","unstructured":"Lee, S.H. (2011). A Study on Separate Plan of Efficient Information System Network in Partitioned Network Environment. [Master\u2019s Thesis, Soongsil University]."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Sharma, R.K., Kalita, H.K., and Issac, B. (2014, January 11\u201313). Different firewall techniques: A survey. Proceedings of the Fifth International Conference on Computing, Communications and Networking Technologies (ICCCNT), Hefei, China.","DOI":"10.1109\/ICCCNT.2014.6963102"},{"key":"ref_18","first-page":"318","article-title":"Software defined networking firewall for industry 4.0 manufacturing systems","volume":"11","author":"Tsuchiya","year":"2018","journal-title":"J. Ind. Eng. Manag."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Jung, W.C., Kim, J., and Park, N. (2021). Web-Browsing Application Using Web Scraping Technology in Korean Network Separation Application. Symmetry, 13.","DOI":"10.3390\/sym13081550"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Randolph, M., and Diehl, W. (2020). Power side-channel attack analysis: A review of 20 years of study for the layman. Cryptography, 4.","DOI":"10.3390\/cryptography4020015"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"465","DOI":"10.1109\/COMST.2017.2779824","article-title":"Systematic classification of side-channel attacks: A case study for mobile devices","volume":"20","author":"Spreitzer","year":"2017","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Gupta, H., Mondal, S., Majumdar, R., Ghosh, N.S., Khan, S.S., Kwanyu, N.E., and Mishra, V.P. (2019, January 11\u201312). Impact of side channel attack in information security. Proceedings of the 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE), Dubai, United Arab Emirates.","DOI":"10.1109\/ICCIKE47802.2019.9004435"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Khan, A.K., and Mahanta, H.J. (2014, January 1\u20132). Side channel attacks and their mitigation techniques. Proceedings of the 2014 First International Conference on Automation, Control, Energy and Systems (ACES), Adisaptagram, India.","DOI":"10.1109\/ACES.2014.6807983"},{"key":"ref_24","unstructured":"Gilbert Goodwill, B.J., Jaffe, J., and Rohatgi, P. (2011, January 26\u201327). A testing methodology for side-channel resistance validation. Proceedings of the NIST Non-Invasive Attack Testing Workshop, Nara, Japan."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Korona, M., Wojciechowski, T., Rawski, M., and Tomaszewicz, P. (2019, January 27\u201329). Cryptographic coprocessor with modular architecture for research and development of countermeasures against power-based side-channel attacks. Proceedings of the 2019 MIXDES-26th International Conference \u201cMixed Design of Integrated Circuits and Systems\u201d, Rzeszow, Poland.","DOI":"10.23919\/MIXDES.2019.8787062"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Khelil, F., Hamdi, M., Guilley, S., Danger, J.L., and Selmane, N. (2008, January 5\u20137). Fault analysis attack on an FPGA AES implementation. Proceedings of the 2008 New Technologies, Mobility and Security, Tangier, Morocco.","DOI":"10.1109\/NTMS.2008.ECP.45"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Dusart, P., Letourneux, G., and Vivolo, O. (2003, January 16\u201319). Differential fault analysis on AES. Proceedings of the Applied Cryptography and Network Security: First International Conference, ACNS 2003, Kunming, China.","DOI":"10.1007\/978-3-540-45203-4_23"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2870641","article-title":"Bridging the air gap between isolated networks and mobile phones in a practical cyber-attack","volume":"8","author":"Guri","year":"2017","journal-title":"ACM Trans. Intell. Syst. Technol."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Guri, M., Kedma, G., Kachlon, A., and Elovici, Y. (2014, January 28\u201330). AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies. Proceedings of the 2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE), Fajardo, PR, USA.","DOI":"10.1109\/MALWARE.2014.6999418"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Guri, M., Monitz, M., and Elovici, Y. (2016, January 12\u201314). USBee: Air-gap covert-channel via electromagnetic emission from USB. Proceedings of the 2016 14th Annual Conference on Privacy, Security and Trust (PST), Auckland, New Zealand.","DOI":"10.1109\/PST.2016.7906972"},{"key":"ref_31","unstructured":"Guri, M., Kachlon, A., Hasson, O., Kedma, G., Mirsky, Y., and Elovici, Y. (2015, January 12\u201314). Gsmem: Data exfiltration from air-gapped computers over {GSM} frequencies. Proceedings of the 24th USENIX Security Symposium (USENIX Security 15), Washington, DC, USA."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Guri, M., Zadov, B., Bykhovsky, D., and Elovici, Y. (2019, January 15\u201319). Ctrl-alt-led: Leaking data from air-gapped computers via keyboard leds. Proceedings of the 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Milwaukee, WI, USA.","DOI":"10.1109\/COMPSAC.2019.00118"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Guri, M., Zadov, B., and Elovici, Y. (2017, January 6\u20137). LED-it-GO: Leaking (a lot of) Data from Air-Gapped Computers via the (small) Hard Drive LED. Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment: 14th International Conference, DIMVA 2017, Bonn, Germany.","DOI":"10.1007\/978-3-319-60876-1_8"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Guri, M., and Monitz, M. (2018, January 12\u201314). LCD TEMPEST Air-Gap Attack Reloaded. Proceedings of the 2018 IEEE International Conference on the Science of Electrical Engineering in Israel (ICSEE), Eilat, Israel.","DOI":"10.1109\/ICSEE.2018.8646277"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Loughry, J. (2019, January 2\u20136). (\u201cOops! Had the silly thing in reverse\u201d)\u2014Optical injection attacks in through LED status indicators. Proceedings of the 2019 International Symposium on Electromagnetic Compatibility\u2014EMC EUROPE, Barcelona, Spain.","DOI":"10.1109\/EMCEurope.2019.8871920"},{"key":"ref_36","first-page":"113","article-title":"A survey of image steganography techniques","volume":"54","author":"Hussain","year":"2013","journal-title":"Int. J. Adv. Sci. Technol."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1016\/j.cose.2018.11.004","article-title":"air-jumper: Covert air-gap exfiltration\/infiltration via security cameras & infrared (ir)","volume":"82","author":"Guri","year":"2019","journal-title":"Comput. Secur."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Costin, A. (2016, January 28). Security of CCTV and Video Surveillance Systems: Threats, Vulnerabilities, Attacks, and Mitigations. Proceedings of the 6th International Workshop on Trustworthy Embedded Devices, TrustED \u201916, Vienna, Austria.","DOI":"10.1145\/2995289.2995290"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Guri, M., Hasson, O., Kedma, G., and Elovici, Y. (2016, January 12\u201314). An optical covert-channel to leak data through an air-gap. Proceedings of the 2016 14th Annual Conference on Privacy, Security and Trust (PST), Auckland, New Zealand.","DOI":"10.1109\/PST.2016.7906933"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Guri, M., Solewicz, Y., and Elovici, Y. (2018, January 10\u201313). Mosquito: Covert ultrasonic transmissions between two air-gapped computers using speaker-to-speaker communication. Proceedings of the 2018 IEEE Conference on Dependable and Secure Computing (DSC), Kaohsiung, Taiwan.","DOI":"10.1109\/DESEC.2018.8625124"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"101721","DOI":"10.1016\/j.cose.2020.101721","article-title":"Fansmitter: Acoustic data exfiltration from air-gapped computers via fans noise","volume":"91","author":"Guri","year":"2020","journal-title":"Comput. Secur."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Guri, M., Solewicz, Y., Daidakulov, A., and Elovici, Y. (2016). Diskfiltration: Data exfiltration from speakerless air-gapped computers via covert hard drive noise. arXiv.","DOI":"10.1007\/978-3-319-66399-9_6"},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Zhu, W., Liu, Y., Fan, Y., Liu, Y., and Liu, R. (2019, January 2\u20135). If Air-Gap Attacks Encounter the Mimic Defense. Proceedings of the 2019 9th International Conference on Information Science and Technology (ICIST), Hulunbuir, China.","DOI":"10.1109\/ICIST.2019.8836735"},{"key":"ref_44","unstructured":"Guri, M. (2020). Power-supplay: Leaking data from air-gapped systems by turning the power-supplies into speakers. arXiv."},{"key":"ref_45","unstructured":"Mirsky, Y., Guri, M., and Elovici, Y. (2017). Hvacker: Bridging the air-gap by attacking the air conditioning system. arXiv."},{"key":"ref_46","first-page":"222","article-title":"Optical air-gap exfiltration attack via invisible images","volume":"46","author":"Guri","year":"2019","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Agadakos, I., Chen, C.Y., Campanelli, M., Anantharaman, P., Hasan, M., Copos, B., Lepoint, T., Locasto, M., Ciocarlie, G.F., and Lindqvist, U. (2017, January 3). Jumping the air gap: Modeling cyber-physical attack paths in the Internet-of-Things. Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and Privacy, Dallas, TX, USA.","DOI":"10.1145\/3140241.3140252"},{"key":"ref_48","doi-asserted-by":"crossref","unstructured":"Guri, M. (2022, January 22\u201324). SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables. Proceedings of the 2022 19th Annual International Conference on Privacy, Security & Trust (PST), Fredericton, NB, Canada.","DOI":"10.1109\/PST55820.2022.9851978"},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1016\/j.future.2021.03.025","article-title":"Exfiltrating data from air-gapped computers via ViBrAtIoNs","volume":"122","author":"Guri","year":"2021","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Guri, M., Monitz, M., Mirski, Y., and Elovici, Y. (2015, January 13\u201317). Bitwhisper: Covert signaling channel between air-gapped computers using thermal manipulations. Proceedings of the 2015 IEEE 28th Computer Security Foundations Symposium, Verona, Italy.","DOI":"10.1109\/CSF.2015.26"},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Guri, M. (2019, January 26\u201327). HOTSPOT: Crossing the Air-Gap Between Isolated PCs and Nearby Smartphones Using Temperature. Proceedings of the 2019 European Intelligence and Security Informatics Conference (EISIC), Oulu, Finland.","DOI":"10.1109\/EISIC49498.2019.9108874"},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"313","DOI":"10.1109\/TDSC.2021.3133406","article-title":"Power-supplay: Leaking sensitive data from air-gapped, audio-gapped systems by turning the power supplies into speakers","volume":"20","author":"Guri","year":"2021","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"1879","DOI":"10.1109\/TIFS.2019.2952257","article-title":"PowerHammer: Exfiltrating data from air-gapped computers through power lines","volume":"15","author":"Guri","year":"2019","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"1190","DOI":"10.1109\/TIFS.2019.2938404","article-title":"Odini: Escaping sensitive data from faraday-caged, air-gapped computers via magnetic fields","volume":"15","author":"Guri","year":"2019","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"115","DOI":"10.1016\/j.future.2020.08.045","article-title":"Magneto: Covert channel between air-gapped systems and nearby smartphones via cpu-generated magnetic fields","volume":"115","author":"Guri","year":"2021","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Guri, M., Bykhovsky, D., and Elovici, Y. (2019, January 28\u201329). Brightness: Leaking sensitive data from air-gapped workstations via screen brightness. Proceedings of the 2019 12th CMI Conference on Cybersecurity and Privacy (CMI), Copenhagen, Denmark.","DOI":"10.1109\/CMI48017.2019.8962137"},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Guri, M. (2020). Air-viber: Exfiltrating data from air-gapped computers via covert surface vibrations. arXiv.","DOI":"10.1109\/TIFS.2019.2952257"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/6\/3215\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T18:57:30Z","timestamp":1760122650000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/6\/3215"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,17]]},"references-count":57,"journal-issue":{"issue":"6","published-online":{"date-parts":[[2023,3]]}},"alternative-id":["s23063215"],"URL":"https:\/\/doi.org\/10.3390\/s23063215","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,3,17]]}}}