Examining Electromagnetic Emission from Ethernet Cables for Data Exfiltration from the Far-field

Abstract

bstract Electromagnetic (EM) side-channel attacks present a critical threat to the security of air-gapped and physically isolated systems. While previous research has demonstrated the feasibility of near-field electromagnetic exfiltration fromEthernet cables using software-defined radios (SDRs), there remains limited exploration into the performance and practicality of such attacks from the far-field. This study investigates the technical feasibility, limitations, and performance of covert EM-based data exfiltration fromCat6 Ethernet cables using far-field antennas under controlled laboratory conditions. The research aims to evaluate how effectively binary data can be transmitted through intentional EMemissions created viamodulated network traffic patterns. Experiments were conducted to determine themaximumachievable data rate and to analyze how increasing the distance between the transmission medium and the receiver affects signal quality, Bit Error Rate (BER), and Signal-to-Noise Ratio (SNR). The methodology involved the use of SDRs, far-field antennas, and a custom-built encoder/decoder system incorporating Manchester encoding, Cyclic Redundancy Check (CRC), and Hamming error correction techniques to ensure reliable transmission and recovery of data. Results demonstrate that reliable data exfiltration is achievable at a maximum rate of 10 bits per second at short distances (e.g., 2 cm), but signal quality and decoding reliability significantly degrade as distance increases, due to attenuation and environmental noise. The application of noise filtering through a Least Mean Squares (LMS) adaptive filter showed moderate improvement in SNR but was insufficient to overcome the limitations imposed by hardware sensitivity and signal strength. Furthermore, the study highlights the inadequacy of conventional shielding techniques in mitigating low-frequency emissions and emphasizes the need for proactive security measures. This research contributes to the growing field of electromagnetic side-channel analysis by extending the attack surface beyond near-field threats. It offers insights into covert channel design, signal processing challenges, and mitigation strategies, raising awareness about the overlooked vulnerabilities of wired networks, even in physically isolated environments.