| Initial publication | S. Wendzel, S. Zander, B. Fechner, C. Herdin in [1] |
| Alias(es) | PDU Order [1], Manipulated Message Ordering [2], Message Ordering [3]. |
| Illustration | The covert channel encodes data using a synthetic PDU order for a given number of PDUs flowing between covert sender and receiver. |
| Context | Network Covert Timing Channels -> Protocol-aware |
| Evidence | K. Ahsan and D. Kundur. 2002. Practical Data Hiding in TCP/IP. In Proc. Workshop on Multimedia Security at ACM Multimedia ’02. X. Luo, E.W.W. Chan, and R.K.C. Chang. 2007. Cloak: A Ten-Fold Way for Reliable Covert Communications. In Proc. 12th European Symposium On Research In Computer Security (ESORICS 2007) (LNCS), Vol. 4734. Springer. A. El-Atawy and E. Al-Shaer. 2009. Building Covert Channels over the Packet Reordering Phenomenon. In INFOCOM 2009. 2186–2194. See [1] and [2] for more evidence entries. |
| Implementation |
|
| Known Pattern-based Countermeasures |
|
References:
[1] S. Wendzel, S. Zander, B. Fechner, C. Herdin: Pattern-based Survey and Categorization of Network Covert Channel Techniques, ACM Computing Surveys, Vol. 47, Issue 3, pp. 50:1-26, ACM, 2015.
An early version of the article is available here: download.
[2] W. Mazurczyk, S. Wendzel, S. Zander, A. Houmansadr, K. Szczypiorski: Information Hiding in Communication Networks: Fundamentals, Mechanisms, and Applications, IEEE Series on Information and Communication Networks Security, Wiley, 2016 (cf. Amazon.com).
[3] W. Mazurczyk, S. Wendzel, K. Cabaj: Towards Deriving Insights into Data Hiding Methods Using Pattern-based Approach, in Proc. Second International Workshop on Criminal Use of Information Hiding (CUING 2018) at ARES, pp. 10:1-10:10, ACM, 2018.
Keine Kommentare:
Kommentar veröffentlichen