Initial publication | S. Wendzel, S. Zander, B. Fechner, C. Herdin in [1], updated by [2]. |
Illustration | The covert channel alters timing intervals between network PDUs (interarrival times) to encode hidden data. |
Context | Network Covert Timing Channels -> Protocol-agnostic |
Evidence | G. Shah, A. Molina, and M. Blaze. 2006. Keyboards and Covert Channels. In Proc. 15th USENIX Security Symposium. USENIX Association, 59–75. C. G. Girling. 1987. Covert Channels in LAN’s. IEEE Transactions on Software Engineering 13 (February 1987), 292–296. Issue 2. S. Cabuk. 2006. Network covert channels: Design, analysis, detection, and elimination. Ph.D. Dissertation. Purdue University. See [1] for additional evidence entries. |
Implementation | Covert Channels Evaluation Framework (CCHEF) |
References:
[1] S. Wendzel, S. Zander, B. Fechner, C. Herdin: Pattern-based Survey and Categorization of Network Covert Channel Techniques, ACM Computing Surveys, Vol. 47, Issue 3, pp. 50:1-26, ACM, 2015.
An early version of the article is available here: download.
[2] W. Mazurczyk, S. Wendzel, S. Zander, A. Houmansadr, K. Szczypiorski: Information Hiding in Communication Networks, Wiley, 2016. Chapters 3 and 8 contain discussions on hiding patterns, basically on the basis of [1] but with an extension of timing-based patterns.
Keine Kommentare:
Kommentar veröffentlichen