CCHEF – Covert Channels Evaluation Framework User Manual Version 0.1
نویسنده
چکیده
Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert communications. Covert channels are hidden inside pre-existing overt communication by encoding additional semantics onto ‘normal’ behaviours of the overt channels. We have developed CCHEF – a flexible and extensible software framework for evaluating covert channels in network protocols. The framework is able to establish covert channels across real networks using real overt traffic, but can also emulate covert channels based on overt traffic previously collected in trace files. In this paper we describe how to use CCHEF.
منابع مشابه
CCHEF – Covert Channels Evaluation Framework Design and Implementation
Communication is not necessarily made secure by the use of encryption alone. The mere existence of communication is often enough to raise suspicion and trigger investigative actions. Covert channels aim to hide the very existence of the communication. The huge amount of data and vast number of different protocols in the Internet makes it ideal as a high-bandwidth vehicle for covert communicatio...
متن کاملAn Evaluation Framework for the Analysis of Covert Channels in the TCP/IP Protocol Suite
Information hiding techniques can be used by criminals and terrorists to communicate over covert channels within the TCP/IP protocol suite and can be used to overcome firewalls and most other forms of network intrusion detection and prevention systems. In this work we describe the covert channel concept and weaknesses in the five layered TCP/IP layered model. We then present an evaluation frame...
متن کاملModel-Based Covert Timing Channels: Automated Modeling and Evasion
The exploration of advanced covert timing channel design is important to understand and defend against covert timing channels. In this paper, we introduce a new class of covert timing channels, called model-based covert timing channels, which exploit the statistical properties of legitimate network traffic to evade detection in an effective manner. We design and implement an automated framework...
متن کاملCovert channels in combinatorial games
A general framework for exploiting covert channels in combinatorial games is presented. The framework is applicable to all combinatorial games, including Chess and Go, but is applied to the game of Tic-Tac-Toe for ease of experimental analysis. The security and capacity of the resulting covert channel are analyzed experimentally. By considering the ways in which a passive adversary can attempt ...
متن کاملAn Empirical Bandwidth Analysis of Interrupt-Related Covert Channels
We empirically evaluate interrupt-related covert channels, in short IRCCs, a type of covert channel that leverages hardware interrupts for communication. The evaluation is based on an exploit of IRCCs that we implemented as a proof-of-concept. We use a combination of experimental evaluation and information-theoretic analysis to compute the bandwidth of the channel on a concrete system. Our anal...
متن کامل