Data Exfiltration from Network-Isolated Virtual Computing Systems with Infrastructure Mediated Power Analysis

Download PDF
Open Webpage

Zechariah D. J. Wolf, Eric C. Larson, Mitchell A. Thornton

Published: 01 Jan 2026, Last Modified: 06 May 2026CrossrefEveryoneRevisionsCC BY-SA 4.0
Abstract: Side channels and covert channels have proven to be dangerous avenues for the leakage of sensitive information from computing systems. In this work, we propose and perform an experiment to investigate side and covert channel possibilities in virtual, enterprise environments. Using a power analysis approach, traces of the power signal from an enterprise-level server rack are examined in the frequency domain, revealing that electrical power line fluctuations can be correlated with patterns of system load on a virtual machine (VM) hosted by a server on the rack. We show the potential for a malicious insider to use this approach to establish a covert channel for the exfiltration of sensitive data from a VM. By encoding binary information into the signature of the spectral content of the power signal while the system experiences varying degrees of CPU load, it is shown that communication using binary symbols is feasible. The noise resilience of the channel is evaluated, and it is shown that communication at a rate of at least 1 bit per second is possible using this method.