CyberEye: Obtaining Data from Virtual Desktop by Video

VDI is no longer safe and reliable anymore. VDI(Virtual Desktop Infrastructure, also called Cloud Desktop) is being widely used as working interface to avoid data exfiltration. With VDI client, end users can access internal data without obtaining data actually. In this paper, we present a new approach named CyberEye, to extract data from VDI by video even data transmission has been forbidden. By encoding data file to video, playing it in VDI meanwhile recording it in host PC, we can get full information of the data with video format, then decode it to recover the original data file. The proof-of-concept on Citrix Workspace and several other remote virtual desktops has strongly been proved the availability and reliability of the CyberEye. We introduce the usage in operation model to show how it's been designed and implemented in technical work section. And also, we have opened the source code to researchers for reproducing the work.