Keyboards and Covert Channels
نویسندگان
چکیده
This paper introduces JitterBugs, a class of inline interception mechanisms that covertly transmit data by perturbing the timing of input events likely to affect externally observable network traffic. JitterBugs positioned at input devices deep within the trusted environment (e.g., hidden in cables or connectors) can leak sensitive data without compromising the host or its software. In particular, we show a practical Keyboard JitterBug that solves the data exfiltration problem for keystroke loggers by leaking captured passwords through small variations in the precise times at which keyboard events are delivered to the host. Whenever an interactive communication application (such as SSH, Telnet, instant messaging, etc) is running, a receiver monitoring the host’s network traffic can recover the leaked data, even when the session or link is encrypted. Our experiments suggest that simple Keyboard JitterBugs can be a practical technique for capturing and exfiltrating typed secrets under conventional OSes and interactive network applications, even when the receiver is many hops away on the Internet.
منابع مشابه
طراحی و ارزیابی روش کدگذاری ترکیبی برای کانال پوششی زمانبندیدار در شبکه اینترنت
Covert channel means communicating information through covering of overt and authorized channel in a manner that existence of channel to be hidden. In network covert timing channels that use timing features of transmission packets to modulating covert information, the appropriate encoding schema is very important. In this paper, a hybrid encoding schema proposed through combining "the inter-pac...
متن کاملA Review on Covert Timing Channels & their Applications
Covert network timing channels control time between transmissions of packets in overt network communication and transmits hidden messages. This paper presents an overview of different concepts of covert timing channels such as types, features and properties. There is range of terms used for security of information such as encryption, covert channels, network steganography or information hiding ...
متن کاملEmploying Entropy in the Detection and Monitoring of Network Covert Channels
The detection of covert channels has quickly become a vital need due to their pervasive nature and the increasing popularity of the Internet. In recent years, new and innovative methods have been proposed to aid in the detection of covert channels. Existing detection schemes are often too specific and are ineffective against new covert channels. In this paper, we expound upon previous work done...
متن کاملDetection And Elimination Of Covert Communication In Transport And Internet Layer – A Survey
Covert channels use stealth communications to compromise the security policies of systems. They constitute an important security threat since they can be used to exfiltrate confidential data from networks. TCP/IP protocols are used everyday and are subject to covert channels problems. Covert channels are used for the secret transfer of information. Encryption only protects communication from be...
متن کاملCovert Channels | Here to Stay? Covert Channels | Here to Stay?
We discuss the di culties of satisfying high-assurance system requirements without sacri cing system capabilities. To alleviate this problem, we show how trade-o s can be made to reduce the threat of covert channels. We also clarify certain concepts in the theory of covert channels. Traditionally, a covert channel's vulnerability was measured by the capacity. We show why a capacity analysis alo...
متن کامل